{ "swagger" : "2.0", "info" : { "description" : "Kiuwan REST API specification", "version" : "2.8.2605.0-SNAPSHOT", "title" : "Kiuwan REST API", "termsOfService" : "https://www.kiuwan.com/terms-of-use", "contact" : { "name" : "Kiuwan", "url" : "https://www.kiuwan.com", "email" : "support@kiuwan.com" }, "license" : { "name" : "MIT", "url" : "https://opensource.org/licenses/MIT" } }, "host" : "api.kiuwan.com", "tags" : [ { "name" : "ActionPlan" }, { "name" : "ActionPlan-Reports" }, { "name" : "Activity" }, { "name" : "Analyses" }, { "name" : "Analyses-Reports" }, { "name" : "Application" }, { "name" : "Architecture" }, { "name" : "Audit" }, { "name" : "Defect" }, { "name" : "Delivery" }, { "name" : "Documentation" }, { "name" : "GlobalStats" }, { "name" : "Information" }, { "name" : "Insights" }, { "name" : "Insights Custom Components" }, { "name" : "Languages" }, { "name" : "Management" }, { "name" : "Portfolio" }, { "name" : "Security" }, { "name" : "User" }, { "name" : "UserGroup" } ], "schemes" : [ "https", "http" ], "paths" : { "/actionPlan" : { "get" : { "tags" : [ "ActionPlan" ], "summary" : "Get progress summary of an action plan", "description" : "Obtains the current and the past main metrics and indicators of an application for an action plan. If there are more than one action plans with the same name, this endpoint returns the most recent action plan's information.", "operationId" : "getActionPlan", "produces" : [ "application/json" ], "parameters" : [ { "name" : "application", "in" : "query", "description" : "Application name", "required" : true, "type" : "string", "x-example" : "myApp" }, { "name" : "name", "in" : "query", "description" : "Action plan name", "required" : true, "type" : "string", "x-example" : "ActionPlan1" }, { "name" : "creation", "in" : "query", "description" : "Action plan creation date", "required" : false, "type" : "string", "format" : "date-time", "x-example" : "2019-08-03T10:15:30Z" } ], "responses" : { "200" : { "description" : "Successful retrieval of an action plan", "schema" : { "$ref" : "#/definitions/ActionPlanProgressResponse" } }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/actionPlan/defects/all" : { "get" : { "tags" : [ "ActionPlan" ], "summary" : "Get all defects of an action plan", "description" : "Obtains all defects included in an action plan. If there are more than one action plans with the same name, this endpoint returns the most recent action plan's information.", "operationId" : "getActionPlanAllDefects", "produces" : [ "application/json" ], "parameters" : [ { "name" : "application", "in" : "query", "description" : "Application name", "required" : true, "type" : "string", "x-example" : "myApp" }, { "name" : "name", "in" : "query", "description" : "Action plan name", "required" : true, "type" : "string", "x-example" : "ActionPlan1" }, { "name" : "creation", "in" : "query", "description" : "Action plan creation date", "required" : false, "type" : "string", "format" : "date-time", "x-example" : "2019-08-03T10:15:30Z" } ], "responses" : { "200" : { "description" : "Successful retrieval of an action plan defects", "schema" : { "$ref" : "#/definitions/ActionPlanDefectsResponse" } }, "400" : { "description" : "Invalid creation date format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/actionPlan/defects/pending" : { "get" : { "tags" : [ "ActionPlan" ], "summary" : "Get pending defects of an action plan", "description" : "Obtains the pending defects of an action plan compared with a concrete analysis. If there are more than one action plans with the same name, this endpoint returns the most recent action plan's information. If there are more than one analysis with the same label, uses the most recent analysis of them.", "operationId" : "getActionPlanPendingDefects", "produces" : [ "application/json" ], "parameters" : [ { "name" : "application", "in" : "query", "description" : "Application name", "required" : true, "type" : "string", "x-example" : "myApp" }, { "name" : "name", "in" : "query", "description" : "Action plan name", "required" : true, "type" : "string", "x-example" : "ActionPlan1" }, { "name" : "analysisLabel", "in" : "query", "description" : "Analysis label. If empty it compares with last analysis", "required" : false, "type" : "string", "x-example" : "A-7e3-16dc9e2913" }, { "name" : "creation", "in" : "query", "description" : "Action plan creation date", "required" : false, "type" : "string", "format" : "date-time", "x-example" : "2019-08-03T10:15:30Z" }, { "name" : "orderBy", "in" : "query", "description" : "Sorting criteria: priority/effort", "required" : false, "type" : "string", "x-example" : "priority", "enum" : [ "priority", "effort" ] }, { "name" : "asc", "in" : "query", "description" : "Sort ascending: true/false", "required" : false, "type" : "boolean", "x-example" : true, "enum" : [ "true", "false" ] }, { "name" : "limit", "in" : "query", "description" : "Max number of defects returned", "required" : false, "type" : "integer", "x-example" : 100 }, { "name" : "characteristics", "in" : "query", "description" : "Comma-separated list of characteristics to filter by", "required" : false, "type" : "string", "x-example" : "Security, Efficiency", "enum" : [ "Efficiency", "Maintainability", "Portability", "Reliability", "Security" ] }, { "name" : "languages", "in" : "query", "description" : "Comma-separated list of languages to filter by", "required" : false, "type" : "string", "x-example" : "java, php" }, { "name" : "priorities", "in" : "query", "description" : "Comma-separated list of priorities(Very low, Low, Normal, High, Very high) to filter by", "required" : false, "type" : "string", "x-example" : "Very high, High", "enum" : [ "Very low", "Low", "Normal", "High", "Very high" ] }, { "name" : "fileContains", "in" : "query", "description" : "Use this param to filter defects by file name", "required" : false, "type" : "string", "x-example" : "FileSystemRepository.java" } ], "responses" : { "200" : { "description" : "Successful retrieval of an action plan pending defects", "schema" : { "$ref" : "#/definitions/ActionPlanPendingDefectsResponse" } }, "400" : { "description" : "Invalid creation date format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/actionPlan/defects/removed" : { "get" : { "tags" : [ "ActionPlan" ], "summary" : "Get removed defects of an action plan", "description" : "Obtains the removed defects of an action plan compared with a concrete analysis. If there are more than one action plans with the same name, this endpoint returns the most recent action plan's information. If there are more than one analysis with the same label, uses the most recent analysis of them.", "operationId" : "getActionPlanRemovedDefects", "produces" : [ "application/json" ], "parameters" : [ { "name" : "application", "in" : "query", "description" : "Application name", "required" : true, "type" : "string", "x-example" : "myApp" }, { "name" : "name", "in" : "query", "description" : "Action plan name", "required" : true, "type" : "string", "x-example" : "ActionPlan1" }, { "name" : "analysisLabel", "in" : "query", "description" : "Analysis label. If empty it compares with last analysis", "required" : false, "type" : "string", "x-example" : "A-7e3-16dc9e2913" }, { "name" : "creation", "in" : "query", "description" : "Action plan creation date", "required" : false, "type" : "string", "format" : "date-time", "x-example" : "2019-08-03T10:15:30Z" } ], "responses" : { "200" : { "description" : "Successful retrieval of an action plan removed defects", "schema" : { "$ref" : "#/definitions/ActionPlanRemovedDefectsResponse" } }, "400" : { "description" : "Invalid creation date format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/actionPlan/progress/export" : { "get" : { "tags" : [ "ActionPlan-Reports" ], "summary" : "Get progress report of an action plan", "description" : "Get progress report of an action plan or JSON with errors", "operationId" : "generateReportActionPlanProgress", "produces" : [ "application/pdf", "text/csv", "application/json" ], "parameters" : [ { "name" : "application", "in" : "query", "description" : "Application name", "required" : true, "type" : "string", "x-example" : "myApp" }, { "name" : "name", "in" : "query", "description" : "Action plan name", "required" : true, "type" : "string", "x-example" : "ActionPlan1" }, { "name" : "creation", "in" : "query", "description" : "Action plan creation date", "required" : false, "type" : "string", "format" : "date-time", "x-example" : "2019-08-03T10:15:30Z" }, { "name" : "type", "in" : "query", "description" : "Type of report", "required" : false, "type" : "string", "default" : "PDF", "x-example" : "PDF", "enum" : [ "CSV", "PDF" ] } ], "responses" : { "200" : { "description" : "Successful retrieval of an action plan progress report", "schema" : { "type" : "file" } }, "400" : { "description" : "Invalid parameter" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/actionPlan/security/export" : { "get" : { "tags" : [ "ActionPlan-Reports" ], "summary" : "Get security report of an action plan", "description" : "Get security report of an action plan or JSON with errors", "operationId" : "generateReportActionPlanSecurity", "produces" : [ "application/pdf", "text/csv", "application/json" ], "parameters" : [ { "name" : "application", "in" : "query", "description" : "Application name", "required" : true, "type" : "string", "x-example" : "myApp" }, { "name" : "name", "in" : "query", "description" : "Action plan name", "required" : true, "type" : "string", "x-example" : "ActionPlan1" }, { "name" : "creation", "in" : "query", "description" : "Action plan creation date", "required" : false, "type" : "string", "format" : "date-time", "x-example" : "2019-08-03T10:15:30Z" }, { "name" : "type", "in" : "query", "description" : "Type of report", "required" : false, "type" : "string", "default" : "PDF", "x-example" : "PDF", "enum" : [ "CSV", "PDF" ] } ], "responses" : { "200" : { "description" : "Successful retrieval of an action plan progress report", "schema" : { "type" : "file" } }, "400" : { "description" : "Invalid parameter" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/actionPlan/security/progress/export" : { "get" : { "tags" : [ "ActionPlan-Reports" ], "summary" : "Get security progress report of an action plan", "description" : "Get security progress report of an action plan or JSON with errors", "operationId" : "generateReportActionPlanSecurityProgress", "produces" : [ "application/pdf", "text/csv", "application/json" ], "parameters" : [ { "name" : "application", "in" : "query", "description" : "Application name", "required" : true, "type" : "string", "x-example" : "myApp" }, { "name" : "name", "in" : "query", "description" : "Action plan name", "required" : true, "type" : "string", "x-example" : "ActionPlan1" }, { "name" : "creation", "in" : "query", "description" : "Action plan creation date", "required" : false, "type" : "string", "format" : "date-time", "x-example" : "2019-08-03T10:15:30Z" }, { "name" : "type", "in" : "query", "description" : "Type of report", "required" : false, "type" : "string", "default" : "PDF", "x-example" : "PDF", "enum" : [ "CSV", "PDF" ] } ], "responses" : { "200" : { "description" : "Successful retrieval of an action plan progress report", "schema" : { "type" : "file" } }, "400" : { "description" : "Invalid parameter" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/actionPlans" : { "get" : { "tags" : [ "ActionPlan" ], "summary" : "Get available action plans", "description" : "List action plans of an application.", "operationId" : "getActionPlans", "produces" : [ "application/json" ], "parameters" : [ { "name" : "application", "in" : "query", "description" : "Application name", "required" : true, "type" : "string", "x-example" : "myApp" } ], "responses" : { "200" : { "description" : "Successful retrieval of action plans", "schema" : { "type" : "array", "items" : { "$ref" : "#/definitions/ActionPlanDetailResponse" } } }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Application does not exist" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/activity" : { "get" : { "tags" : [ "Activity" ], "summary" : "Get list of users activity", "description" : "List users activity with different parameters to filter data. See parameters section.", "operationId" : "listActivities", "produces" : [ "application/json" ], "parameters" : [ { "name" : "action", "in" : "query", "description" : "Action name to filter results", "required" : false, "type" : "string", "x-example" : "CREATE" }, { "name" : "user", "in" : "query", "description" : "User which did the activity", "required" : false, "type" : "string", "x-example" : "user" }, { "name" : "elementType", "in" : "query", "description" : "Type of activity", "required" : false, "type" : "string", "x-example" : "Analysis" }, { "name" : "description", "in" : "query", "description" : "Activity description", "required" : false, "type" : "string", "x-example" : "uploaded results" }, { "name" : "affectedUser", "in" : "query", "description" : "Filter results by affected items: User", "required" : false, "type" : "string", "x-example" : "otherUser" }, { "name" : "affectedModel", "in" : "query", "description" : "Filter results by affected items: Model", "required" : false, "type" : "string", "x-example" : "CQM" }, { "name" : "affectedApplication", "in" : "query", "description" : "Filter results by affected items: Application", "required" : false, "type" : "string", "x-example" : "myApp" }, { "name" : "affectedAudit", "in" : "query", "description" : "Filter results by affected items: Audit", "required" : false, "type" : "string", "x-example" : "myAudit" }, { "name" : "startDate", "in" : "query", "description" : "Filter by date range - starting from the date", "required" : false, "type" : "string", "x-example" : "2019-11-01T00:00:00Z" }, { "name" : "endDate", "in" : "query", "description" : "Filter by date range - ending with the date", "required" : false, "type" : "string", "x-example" : "2019-11-01T23:59:59Z" }, { "name" : "startIndex", "in" : "query", "description" : "The number of start index to display (defaults to 1)", "required" : false, "type" : "integer", "default" : 1, "x-example" : 1 }, { "name" : "count", "in" : "query", "description" : "The number of activities to display (defaults to 10)", "required" : false, "type" : "integer", "default" : 10, "x-example" : 10 }, { "name" : "sortBy", "in" : "query", "description" : "The field to sort by", "required" : false, "type" : "string", "x-example" : "date", "enum" : [ "action", "user", "date", "elementType", "description" ] }, { "name" : "sortOrder", "in" : "query", "description" : "The sort order", "required" : false, "type" : "string", "x-example" : "asc", "enum" : [ "asc", "desc" ] } ], "responses" : { "200" : { "description" : "Successful retrieval of activity data", "schema" : { "$ref" : "#/definitions/ActivityResponse" } }, "400" : { "description" : "Malformed request" }, "403" : { "description" : "Access denied" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/analysis" : { "delete" : { "tags" : [ "Analyses" ], "summary" : "Delete analysis", "description" : "Delete the specified analysis. The analysis code parameter can refernce a baseline or a delivery. Runnning or enqueued analyses can be also deleted. Note that when a baseline analysis is specified, all its related deliveries will be deleted as well. This endpoint returns the deleted analyses' codes.", "operationId" : "deleteAnalysis", "produces" : [ "application/json" ], "parameters" : [ { "name" : "analysisCode", "in" : "query", "description" : "Analysis code to delete", "required" : true, "type" : "string", "x-example" : "A-7e3-16e5b1aad2a" } ], "responses" : { "200" : { "description" : "Analysis deleted successfully", "schema" : { "type" : "array", "items" : { "type" : "string" } } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/analysis/list" : { "get" : { "tags" : [ "Analyses" ], "summary" : "Get list of analysis", "description" : "List analysis with different parameters to filter data. See parameters section.", "operationId" : "listAnalysis", "produces" : [ "application/json" ], "parameters" : [ { "name" : "applicationName", "in" : "query", "description" : "Application name to filter results", "required" : false, "type" : "string", "x-example" : "myApp" }, { "name" : "initDate", "in" : "query", "description" : "Initial date to start search", "required" : false, "type" : "string", "x-example" : "2019-11-01T00:00:00Z" }, { "name" : "endDate", "in" : "query", "description" : "End date to search", "required" : false, "type" : "string", "x-example" : "2019-11-01T23:59:59Z" }, { "name" : "status", "in" : "query", "description" : "Status to filter analysis", "required" : false, "type" : "string", "x-example" : "SUCCESS", "enum" : [ "SUCCESS", "FAIL", "INPROGRESS" ] }, { "name" : "auditStatus", "in" : "query", "description" : "Audit status to filter analysis (only apply to analysis that has audits)", "required" : false, "type" : "string", "x-example" : "OK", "enum" : [ "OK", "FAIL" ] }, { "name" : "deliveries", "in" : "query", "description" : "If the list of analysis must include only deliveries (true) or ignore deliveries (false), if this parameter has not value then all analysis will be returned", "required" : false, "type" : "boolean", "x-example" : true }, { "name" : "page", "in" : "query", "description" : "Number of results page (defaults to 1)", "required" : false, "type" : "integer", "default" : 1, "x-example" : 1 }, { "name" : "count", "in" : "query", "description" : "How many analysis in each page (defaults to 500)", "required" : false, "type" : "integer", "default" : 500, "x-example" : 500 } ], "responses" : { "200" : { "description" : "Successful retrieval of analysis list", "schema" : { "type" : "array", "items" : { "$ref" : "#/definitions/AnalysisSearchResponse" } } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/applications" : { "get" : { "tags" : [ "Application" ], "summary" : "Get applications (DEPRECATED)", "description" : "Retrieves applications for the authenticated user. This endpoint is deprecated and will be removed in future. Please use the GET /applications/list endpoint instead.", "operationId" : "getApplications", "produces" : [ "application/json" ], "parameters" : [ { "name" : "activityInfo", "in" : "query", "description" : "controls whether to include creation, baseline and delivery info", "required" : false, "type" : "boolean", "x-example" : true, "enum" : [ "true", "false" ] } ], "responses" : { "200" : { "description" : "Successful retrieval of applications", "schema" : { "type" : "array", "items" : { "$ref" : "#/definitions/ApplicationResponse" } } }, "403" : { "description" : "Access denied" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ], "deprecated" : true }, "post" : { "tags" : [ "Management" ], "summary" : "Create application", "description" : "Creates a new application in your account.", "operationId" : "createApplicationNew", "consumes" : [ "application/json" ], "produces" : [ "application/json" ], "parameters" : [ { "in" : "body", "name" : "body", "description" : "the application to create", "required" : true, "schema" : { "$ref" : "#/definitions/ApplicationManagementRequest" } } ], "responses" : { "200" : { "description" : "Successfully created application", "schema" : { "$ref" : "#/definitions/ResultData" } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] }, "put" : { "tags" : [ "Management" ], "summary" : "Update application with query parameter", "description" : "Modifies the information of an application in your account.", "operationId" : "updateApplicationWithQueryParameter", "consumes" : [ "application/json" ], "produces" : [ "application/json" ], "parameters" : [ { "in" : "body", "name" : "body", "description" : "the application to modify", "required" : true, "schema" : { "$ref" : "#/definitions/ApplicationManagementRequest" } } ], "responses" : { "200" : { "description" : "Successfully modified application", "schema" : { "$ref" : "#/definitions/ResultData" } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] }, "delete" : { "tags" : [ "Management" ], "summary" : "Delete application", "description" : "Deletes an application of your account.", "operationId" : "deleteApplication", "produces" : [ "application/json" ], "parameters" : [ { "name" : "application", "in" : "query", "description" : "Application name", "required" : true, "type" : "string", "x-example" : "myApp" } ], "responses" : { "200" : { "description" : "Successfully deleted application", "schema" : { "$ref" : "#/definitions/ResultData" } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/applications/analyses" : { "get" : { "tags" : [ "Analyses" ], "summary" : "Get list of all analysis codes for an application", "description" : "List all analysis codes for an application.", "operationId" : "listAnalyses", "produces" : [ "application/json" ], "parameters" : [ { "name" : "application", "in" : "query", "description" : "Application name", "required" : true, "type" : "string", "x-example" : "myApp" }, { "name" : "success", "in" : "query", "description" : "Set to true or false to retrieve only succeeded or failed, respectively", "required" : false, "type" : "boolean", "x-example" : true, "enum" : [ "true", "false" ] }, { "name" : "filterPurgedAnalyses", "in" : "query", "description" : "Set to true to not retrieve purged analyses", "required" : false, "type" : "boolean", "default" : true, "x-example" : true, "enum" : [ "true", "false" ] }, { "name" : "count", "in" : "query", "description" : "Limit results", "required" : false, "type" : "integer", "x-example" : 100 } ], "responses" : { "200" : { "description" : "Successful retrieval of analyses list", "schema" : { "type" : "array", "items" : { "$ref" : "#/definitions/AnalysisResponse" } } }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Application does not exist" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/applications/analysis/defects/export" : { "get" : { "tags" : [ "Analyses-Reports" ], "summary" : "Get defects CSV/SARIF report of an analysis", "description" : "Obtains a CSV or SARIF report of the specified analysis code or the last analysis of the application name.", "operationId" : "generateReportDefects", "produces" : [ "text/csv", "application/json", "application/json" ], "parameters" : [ { "name" : "code", "in" : "query", "description" : "Analysis code", "required" : false, "type" : "string", "x-example" : "A-7e3-16e5b1aad2a" }, { "name" : "application", "in" : "query", "description" : "Application name", "required" : false, "type" : "string", "x-example" : "myApp" }, { "name" : "type", "in" : "query", "description" : "type of report", "required" : false, "type" : "string", "default" : "CSV", "x-example" : "CSV", "enum" : [ "CSV", "SARIF" ] } ], "responses" : { "200" : { "description" : "Successfully retrieval of report", "schema" : { "type" : "file" } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/applications/analysis/security/summary/export" : { "get" : { "tags" : [ "Analyses-Reports" ], "summary" : "Get security PDF report of an analysis", "description" : "Obtains a security report of the specified analysis code or the last analysis of the application name in PDF format.", "operationId" : "generateReportSummaryCS", "produces" : [ "application/pdf", "application/json" ], "parameters" : [ { "name" : "code", "in" : "query", "description" : "Analysis code", "required" : false, "type" : "string", "x-example" : "A-7e3-16e5b1aad2a" }, { "name" : "application", "in" : "query", "description" : "Application name", "required" : false, "type" : "string", "x-example" : "myApp" } ], "responses" : { "200" : { "description" : "Successfully retrieval of report", "schema" : { "type" : "file" } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/applications/analysis/summary/export" : { "get" : { "tags" : [ "Analyses-Reports" ], "summary" : "Get PDF report of an analysis", "description" : "Obtains a report of the specified analysis code or the last analysis of the application name in PDF format.", "operationId" : "generateReportSummaryCA", "produces" : [ "application/pdf", "application/json" ], "parameters" : [ { "name" : "code", "in" : "query", "description" : "Analysis code", "required" : false, "type" : "string", "x-example" : "A-7e3-16e5b1aad2a" }, { "name" : "application", "in" : "query", "description" : "Application name", "required" : false, "type" : "string", "x-example" : "myApp" } ], "responses" : { "200" : { "description" : "Successfully retrieval of report", "schema" : { "type" : "file" } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/applications/analysis/vulnerabilities/defect" : { "get" : { "tags" : [ "Analyses-Reports" ], "summary" : "Get security CSV/vulnerabilities report of an analysis", "description" : "Obtains a security report of the specified Native ID in CSV or Threadfix format.", "operationId" : "generateReportVulnerabilitiesBasedNativeID", "produces" : [ "text/csv", "application/json" ], "parameters" : [ { "name" : "nativeId", "in" : "query", "description" : "Defect ID", "required" : false, "type" : "integer", "x-example" : 1123 } ], "responses" : { "200" : { "description" : "Successfully retrieval of report", "schema" : { "type" : "file" } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/applications/analysis/vulnerabilities/export" : { "get" : { "tags" : [ "Analyses-Reports" ], "summary" : "Get security CSV/SARIF/Threadfix report of an analysis", "description" : "Obtains a security report of the specified analysis code or the last analysis of the application name in CSV, SARIF or Threadfix format.", "operationId" : "generateReportVulnerabilities", "produces" : [ "text/csv", "application/json", "application/json" ], "parameters" : [ { "name" : "code", "in" : "query", "description" : "Analysis code", "required" : false, "type" : "string", "x-example" : "A-7e3-16e5b1aad2a" }, { "name" : "application", "in" : "query", "description" : "Application name", "required" : false, "type" : "string", "x-example" : "myApp" }, { "name" : "type", "in" : "query", "description" : "type of report", "required" : false, "type" : "string", "default" : "CSV", "x-example" : "CSV", "enum" : [ "CSV", "THREADFIX", "SARIF" ] } ], "responses" : { "200" : { "description" : "Successfully retrieval of report", "schema" : { "type" : "file" } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/applications/defects" : { "get" : { "tags" : [ "Application" ], "summary" : "Get list of application defects", "description" : "List application defects for the indicated application.", "operationId" : "getDefects", "produces" : [ "application/json" ], "parameters" : [ { "name" : "application", "in" : "query", "description" : "Application name", "required" : true, "type" : "string", "x-example" : "myApp" }, { "name" : "characteristics", "in" : "query", "description" : "Comma-separated list of characteristics to filter by", "required" : false, "type" : "string", "x-example" : "Security, Efficiency", "enum" : [ "Efficiency", "Maintainability", "Portability", "Reliability", "Security" ] }, { "name" : "languages", "in" : "query", "description" : "Comma-separated list of languages to filter by", "required" : false, "type" : "string", "x-example" : "java, php" }, { "name" : "priorities", "in" : "query", "description" : "Comma-separated list of priorities(Very low, Low, Normal, High, Very high) to filter by", "required" : false, "type" : "string", "x-example" : "Very high, High", "enum" : [ "Very low", "Low", "Normal", "High", "Very high" ] }, { "name" : "fileContains", "in" : "query", "description" : "Use this param to filter defects by file name", "required" : false, "type" : "string", "x-example" : "FileSystemRepository.java" }, { "name" : "orderBy", "in" : "query", "description" : "Sorting criteria (one of 'priority' or 'effort')", "required" : false, "type" : "string", "x-example" : "priority", "enum" : [ "priority", "effort" ] }, { "name" : "asc", "in" : "query", "description" : "Set to true to sort ascending (default is not set), false for descending", "required" : false, "type" : "boolean", "x-example" : true, "enum" : [ "true", "false" ] }, { "name" : "page", "in" : "query", "description" : "Number of results page (defaults to 1)", "required" : false, "type" : "integer", "default" : 1, "x-example" : 1 }, { "name" : "count", "in" : "query", "description" : "How many defects in each page (defaults to 500)", "required" : false, "type" : "integer", "default" : 500, "x-example" : 500 } ], "responses" : { "200" : { "description" : "Successful retrieval of analysis defects list", "schema" : { "$ref" : "#/definitions/AnalysisDefectsResponse" } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/applications/defects/mute" : { "post" : { "tags" : [ "Defect" ], "summary" : "Create mutes for a rule/file", "description" : "Create mute patterns for this ruleCode or file\n\nAllowed Combinations of parameters:- \n\n- Only rule parameter can be used to create mute pattern for a specific rule,\n- Only fileName parameter can be passed to create mute pattern for a specific file, regardless of rule\n- rule parameter can be combined with filePattern parameter to create mute pattern for a certain rule belonging to a set of filePatterns\n- rule parameter can be combined with fileName parameter to create mute pattern for a certain rule belonging to a specific file\n\nInvalid cases of parameters:- \n\n- Either rule or file pattern parameters must have a valid value otherwise it will throw an error\n- Only one of fileName or filePattern parameter should be passed otherwise it will throw an error\n- Passing only filePattern parameter will throw an error", "operationId" : "muteByRuleOrFile", "produces" : [ "application/json" ], "parameters" : [ { "name" : "application", "in" : "query", "description" : "Application Name", "required" : true, "type" : "string", "x-example" : "test" }, { "name" : "rule", "in" : "query", "description" : "Rule Code", "required" : false, "type" : "string", "x-example" : "OPT.JAVA.FMETODOS.NCE" }, { "name" : "filePattern", "in" : "query", "description" : "Comma-separated file patterns to mute", "required" : false, "type" : "string", "x-example" : "**/ViewIssuedBooks.java,**/Library.java" }, { "name" : "fileName", "in" : "query", "description" : "File name to mute", "required" : false, "type" : "string", "x-example" : "Library/src/Library.java" }, { "name" : "why", "in" : "query", "description" : "Mute reason", "required" : false, "type" : "string", "x-example" : "GENERATED_CODE", "enum" : [ "NONE", "FALSE_POSITIVE", "TOO_MANY_DEFECTS", "GENERATED_CODE", "TOO_COMPLEX_CODE", "ACCEPTED_RISK", "OTHER" ] }, { "name" : "comment", "in" : "query", "description" : "Mute comment", "required" : false, "type" : "string", "x-example" : "Muted this rule/file because it is generated code" } ], "responses" : { "200" : { "description" : "Successfully created a suppression rule", "schema" : { "type" : "integer", "format" : "int32" } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/applications/defects/stillopen" : { "get" : { "tags" : [ "Application" ], "summary" : "Get Application Defects Still Open since date", "description" : "Get Application defects still open on latest analysis( or atAnalysisCode if provided) sinceDate (or previous sinceAnalysisCode if provided). Can be filtered by onlySecurity or by withRuleTag. Paginated", "operationId" : "getDefectsStillOpen", "produces" : [ "application/json" ], "parameters" : [ { "name" : "application", "in" : "query", "description" : "Application Name", "required" : true, "type" : "string", "x-example" : "MyApp" }, { "name" : "sinceDate", "in" : "query", "description" : "Defects open since this date", "required" : false, "type" : "string", "x-example" : "2019-11-01T00:00:00Z" }, { "name" : "sinceAnalysisCode", "in" : "query", "description" : "Find defects still open at this analyis", "required" : false, "type" : "string", "x-example" : "A-7e3-16e5b1aad2a" }, { "name" : "atAnalysisCode", "in" : "query", "description" : "Find defects that were already open on this Analysis", "required" : false, "type" : "string", "x-example" : "A-7e3-16e5b1aad2a" }, { "name" : "onlyCodeSecurity", "in" : "query", "description" : "Only Defects on Code Security rules", "required" : false, "type" : "boolean", "x-example" : true, "enum" : [ "true", "false" ] }, { "name" : "withRuleTags", "in" : "query", "description" : "Only Defects Open from the Rules with the matching tags (split by ',')", "required" : false, "type" : "string", "x-example" : "hardcoded-path" }, { "name" : "page", "in" : "query", "description" : "Number of results page (defaults to 1)", "required" : false, "type" : "integer", "default" : 1, "x-example" : 1 }, { "name" : "count", "in" : "query", "description" : "How many defects in each page (defaults to 500)", "required" : false, "type" : "integer", "default" : 500, "x-example" : 500 } ], "responses" : { "200" : { "description" : "Successful retrieval of defects still open", "schema" : { "$ref" : "#/definitions/DefectsKeptInCommonDetailResponse" } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/applications/deliveries" : { "get" : { "tags" : [ "Delivery" ], "summary" : "Get deliveries of an application", "description" : "Obtains the deliveries indicating the name of the application.", "operationId" : "listDeliveries", "produces" : [ "application/json" ], "parameters" : [ { "name" : "maxdays", "in" : "query", "description" : "Max number of days old of deliveries returned", "required" : false, "type" : "integer", "format" : "int32", "x-example" : 30 }, { "name" : "application", "in" : "query", "description" : "Application name", "required" : true, "type" : "string", "x-example" : "myApp" }, { "name" : "page", "in" : "query", "description" : "Number of results page (defaults to 1)", "required" : false, "type" : "integer", "default" : 1, "x-example" : 1 }, { "name" : "count", "in" : "query", "description" : "Limit results", "required" : false, "type" : "integer", "x-example" : 500 }, { "name" : "auditSuccess", "in" : "query", "description" : "Set to true or false to retrieve only succeeded or failed audit delivery, respectively", "required" : false, "type" : "boolean", "x-example" : true, "enum" : [ "true", "false" ] }, { "name" : "filterPurgedAnalyses", "in" : "query", "description" : "Set to true to not retrieve purged analyses", "required" : false, "type" : "boolean", "default" : true, "x-example" : true, "enum" : [ "true", "false" ] }, { "name" : "changeRequestFilter", "in" : "query", "description" : "To filter deliveries by changeRequest", "required" : false, "type" : "string", "x-example" : "CR_21.11.1019" } ], "responses" : { "200" : { "description" : "Successful retrieval of deliveries list", "schema" : { "type" : "array", "items" : { "$ref" : "#/definitions/AnalysisResponse" } } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/applications/files" : { "get" : { "tags" : [ "Analyses" ], "summary" : "Get list of files with metric values and defects of the latest analysis", "description" : "List files with metric values and defects of the latest analysis for the named application.", "operationId" : "getFiles", "produces" : [ "application/json" ], "parameters" : [ { "name" : "application", "in" : "query", "description" : "Application name", "required" : true, "type" : "string", "x-example" : "myApp" } ], "responses" : { "200" : { "description" : "Successful retrieval of analysis files list", "schema" : { "$ref" : "#/definitions/AnalysisFilesResponse" } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/applications/last_analysis" : { "get" : { "tags" : [ "Analyses" ], "summary" : "Get last analysis", "description" : "Retrieves last analysis for the authenticated user and the application indicated.", "operationId" : "getLastAnalysis", "produces" : [ "application/json" ], "parameters" : [ { "name" : "application", "in" : "query", "description" : "Application name", "required" : true, "type" : "string", "x-example" : "myApp" } ], "responses" : { "200" : { "description" : "Successful retrieval of applications", "schema" : { "$ref" : "#/definitions/ApplicationAnalysisResponse" } }, "403" : { "description" : "Access denied" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/applications/list" : { "get" : { "tags" : [ "Application" ], "summary" : "Get applications filtered", "description" : "Retrieves applications for the authenticated user filtered.", "operationId" : "getApplicationsList", "produces" : [ "application/json" ], "parameters" : [ { "name" : "applicationName", "in" : "query", "description" : "Application name to filter", "required" : false, "type" : "string", "x-example" : "myApp" }, { "name" : "exactApplicationName", "in" : "query", "description" : "Indicates if the applicationName must be equals (ignore case). Only apply if applicationName is provided", "required" : false, "type" : "boolean", "x-example" : true }, { "name" : "initDateAnalysis", "in" : "query", "description" : "Initial date to start search applications that are analyzed after this date", "required" : false, "type" : "string", "x-example" : "2019-11-01T00:00:00Z" }, { "name" : "endDateAnalysis", "in" : "query", "description" : "End date to start search applications that are analyzed before this date", "required" : false, "type" : "string", "x-example" : "2019-11-01T23:59:59Z" }, { "name" : "page", "in" : "query", "description" : "Number of results page (defaults to 1)", "required" : false, "type" : "integer", "default" : 1, "x-example" : 1 }, { "name" : "count", "in" : "query", "description" : "How many applications in each page (defaults to 500)", "required" : false, "type" : "integer", "default" : 500, "x-example" : 500 }, { "name" : "orderBy", "in" : "query", "description" : "'Order by' for results", "required" : false, "type" : "string", "x-example" : "applicationName", "enum" : [ "applicationName", "analysisDate" ] }, { "name" : "asc", "in" : "query", "description" : "Ascending or descending order", "required" : false, "type" : "boolean", "x-example" : true }, { "name" : "activityInfo", "in" : "query", "description" : "controls wether to included creation, baseline and delivery info", "required" : false, "type" : "boolean", "x-example" : true, "enum" : [ "true", "false" ] } ], "responses" : { "200" : { "description" : "Successful retrieval of applications filtered", "schema" : { "type" : "array", "items" : { "$ref" : "#/definitions/ApplicationResponse" } } }, "400" : { "description" : "Bad request" }, "403" : { "description" : "Access denied" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/applications/{application}" : { "put" : { "tags" : [ "Management" ], "summary" : "Update application", "description" : "Modifies the information of an application in your account.", "operationId" : "updateApplication", "consumes" : [ "application/json" ], "produces" : [ "application/json" ], "parameters" : [ { "in" : "body", "name" : "body", "description" : "the application to modify", "required" : true, "schema" : { "$ref" : "#/definitions/ApplicationManagementRequest" } }, { "name" : "application", "in" : "path", "description" : "Application name", "required" : true, "type" : "string", "x-example" : "myApp" } ], "responses" : { "200" : { "description" : "Successfully updated application", "schema" : { "$ref" : "#/definitions/ResultData" } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/applications/{application}/defect/{defectId}/firstdate" : { "get" : { "tags" : [ "Application" ], "summary" : "Get First date of defect", "description" : "Retrieves the first date when a defect was detected ", "operationId" : "getDefectFirstDate", "produces" : [ "application/json" ], "parameters" : [ { "name" : "application", "in" : "path", "description" : "Application Name", "required" : true, "type" : "string", "x-example" : "MyApp" }, { "name" : "defectId", "in" : "path", "description" : "Defect ID", "required" : true, "type" : "string", "x-example" : "17375778" } ], "responses" : { "200" : { "description" : "Successful retrieval of date", "schema" : { "type" : "string", "format" : "date-time" } }, "403" : { "description" : "Access denied" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/applications/{application}/mutepatterns" : { "get" : { "tags" : [ "Application" ], "summary" : "Get Application mute patterns ", "description" : "Get Application mute patterns", "operationId" : "getMutepatterns", "produces" : [ "application/json" ], "parameters" : [ { "name" : "application", "in" : "path", "description" : "Application Name", "required" : true, "type" : "string", "x-example" : "MyApp" } ], "responses" : { "200" : { "description" : "Successful retrieval of Mute Patterns ", "schema" : { "type" : "array", "items" : { "$ref" : "#/definitions/MutePatternResponse" } } }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/applications/{application}/users/roles" : { "get" : { "tags" : [ "Management" ], "summary" : "Get users roles for application", "description" : "Get users roles for application. Use 'username' and 'exactUsername' to filter results.", "operationId" : "getUsersRolesApplication", "produces" : [ "application/json" ], "parameters" : [ { "name" : "application", "in" : "path", "description" : "Application name", "required" : true, "type" : "string", "x-example" : "myApp" }, { "name" : "username", "in" : "query", "description" : "'username' mask to filter results", "required" : false, "type" : "string", "x-example" : "john.smith@myCompany.com" }, { "name" : "exactUsername", "in" : "query", "description" : "Indicates if the username must be equals (ignore case). Only apply if username is provided", "required" : false, "type" : "boolean", "x-example" : true } ], "responses" : { "200" : { "description" : "Successful retrieval users application roles", "schema" : { "$ref" : "#/definitions/UserApplicationRoleResponse" } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/apps/analysis/{code}" : { "get" : { "tags" : [ "Analyses" ], "summary" : "Get application analysis", "description" : "Retrieves analysis results for a concrete analysis specified by code parameter.", "operationId" : "getAnalysis", "produces" : [ "application/json" ], "parameters" : [ { "name" : "code", "in" : "path", "description" : "Analysis code", "required" : true, "type" : "string", "x-example" : "A-7e3-16dc9e29131" } ], "responses" : { "200" : { "description" : "Successful retrieval of application analysis", "schema" : { "$ref" : "#/definitions/AnalysisResultResponse" } }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Application does not exist" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/apps/analysis/{code}/defects" : { "get" : { "tags" : [ "Analyses" ], "summary" : "Get list of analysis defects", "description" : "List analysis defects for a concrete analysis specified by analysisCode parameter.", "operationId" : "getAnalysisDefects", "produces" : [ "application/json" ], "parameters" : [ { "name" : "code", "in" : "path", "description" : "Analysis code", "required" : true, "type" : "string", "x-example" : "A-7e3-16e5b1aad2a" }, { "name" : "characteristics", "in" : "query", "description" : "Comma-separated list of characteristics to filter by", "required" : false, "type" : "string", "x-example" : "Security, Efficiency", "enum" : [ "Efficiency", "Maintainability", "Portability", "Reliability", "Security" ] }, { "name" : "languages", "in" : "query", "description" : "Comma-separated list of languages to filter by", "required" : false, "type" : "string", "x-example" : "java, php" }, { "name" : "priorities", "in" : "query", "description" : "Comma-separated list of priorities(Very low, Low, Normal, High, Very high) to filter by", "required" : false, "type" : "string", "x-example" : "Very high, High", "enum" : [ "Very low", "Low", "Normal", "High", "Very high" ] }, { "name" : "fileContains", "in" : "query", "description" : "Use this param to filter defects by file name", "required" : false, "type" : "string", "x-example" : "FileSystemRepository.java" }, { "name" : "orderBy", "in" : "query", "description" : "Sorting criteria (one of 'priority' or 'effort')", "required" : false, "type" : "string", "x-example" : "priority", "enum" : [ "priority", "effort" ] }, { "name" : "asc", "in" : "query", "description" : "Set to true to sort ascending (default is not set), false for descending", "required" : false, "type" : "boolean", "x-example" : true, "enum" : [ "true", "false" ] }, { "name" : "page", "in" : "query", "description" : "Number of results page (defaults to 1)", "required" : false, "type" : "integer", "default" : 1, "x-example" : 1 }, { "name" : "count", "in" : "query", "description" : "How many defects in each page (defaults to 500)", "required" : false, "type" : "integer", "default" : 500, "x-example" : 500 }, { "name" : "muted", "in" : "query", "description" : "Use this param to filter defects by their mute status", "required" : false, "type" : "string", "x-example" : "true", "enum" : [ "true", "false" ] } ], "responses" : { "200" : { "description" : "Successful retrieval of analysis defects list", "schema" : { "$ref" : "#/definitions/AnalysisDefectsResponse" } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/apps/analysis/{code}/defects/compare/{previouscode}" : { "get" : { "tags" : [ "Analyses" ], "summary" : "Get comparison of the defects found in two different analysis", "description" : "Get the net number of new and removed defects and violated rules after comparing 2 given analyses.", "operationId" : "getAnalysisDelta", "produces" : [ "application/json" ], "parameters" : [ { "name" : "code", "in" : "path", "description" : "Analysis code", "required" : true, "type" : "string", "x-example" : "A-7e3-16e5b1aad2a" }, { "name" : "previouscode", "in" : "path", "description" : "Previous analysis code", "required" : true, "type" : "string", "x-example" : "A-7e3-16dc9e29131" } ], "responses" : { "200" : { "description" : "Successful retrieval of analysis compare defects", "schema" : { "$ref" : "#/definitions/DefectsDeltaResponse" } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/apps/analysis/{code}/defects/compare/{previouscode}/{defectstype}" : { "get" : { "tags" : [ "Analyses" ], "summary" : "Get the list of new/removed defects in a comparison", "description" : "Get the list of new/removed defects in an analysis from the previous analysis.", "operationId" : "getAnalysisDefectsDelta", "produces" : [ "application/json" ], "parameters" : [ { "name" : "code", "in" : "path", "description" : "Analysis code", "required" : true, "type" : "string", "x-example" : "A-7e3-16e5b1aad2a" }, { "name" : "previouscode", "in" : "path", "description" : "Previous analysis code", "required" : true, "type" : "string", "x-example" : "A-7e3-16dc9e29131" }, { "name" : "defectstype", "in" : "path", "description" : "Either 'new' or 'removed'", "required" : true, "type" : "string", "x-example" : "new", "enum" : [ "new", "removed" ] } ], "responses" : { "200" : { "description" : "Successful retrieval of new or removed defects for an analysis", "schema" : { "$ref" : "#/definitions/DefectsDeltaDetailResponse" } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/apps/analysis/{code}/files" : { "get" : { "tags" : [ "Analyses" ], "summary" : "Get list of files with metric values and defects for a specific analysis", "description" : "List files with metric values and defects for a specific analysis.", "operationId" : "getAnalysisFiles", "produces" : [ "application/json" ], "parameters" : [ { "name" : "code", "in" : "path", "description" : "Analysis code", "required" : true, "type" : "string", "x-example" : "A-7e3-16e5b1aad2a" } ], "responses" : { "200" : { "description" : "Successful retrieval of analysis files", "schema" : { "$ref" : "#/definitions/AnalysisFilesResponse" } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/arch/impact/searchSources" : { "post" : { "tags" : [ "Architecture" ], "summary" : "Get list of sources that impact on a component with the specified targetId", "description" : "List of sources that impact on a component with the specified targetId in analysis for a concrete analysis specified by analysisCode parameter or application name specified in applicationName parameter by filters and pagination.", "operationId" : "searchSources", "consumes" : [ "application/json" ], "produces" : [ "application/json" ], "parameters" : [ { "in" : "body", "name" : "body", "description" : "Analysis impact request for sources", "required" : true, "schema" : { "$ref" : "#/definitions/SearchSourcesImpactRequest" } } ], "responses" : { "200" : { "description" : "Successful retrieval of sources list", "schema" : { "$ref" : "#/definitions/SearchImpactResponse" } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/arch/impact/searchTargets" : { "post" : { "tags" : [ "Architecture" ], "summary" : "Get list of impacted components", "description" : "List impacted components in analysis for a concrete analysis specified by analysisCode parameter or application name specified in applicationName parameter by filters and pagination.", "operationId" : "searchTargets", "consumes" : [ "application/json" ], "produces" : [ "application/json" ], "parameters" : [ { "in" : "body", "name" : "body", "description" : "Analysis impact request", "required" : true, "schema" : { "$ref" : "#/definitions/SearchTargetsImpactRequest" } } ], "responses" : { "200" : { "description" : "Successful retrieval of impacted components list", "schema" : { "$ref" : "#/definitions/SearchImpactResponse" } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/arch/impact/subGraph" : { "post" : { "tags" : [ "Architecture" ], "summary" : "Get sub graph of analysis impact", "description" : "Get sub graph of analysis impact in analysis for a concrete analysis specified by analysisCode parameter or application name specified in applicationName parameter by source id and target id.", "operationId" : "subGraph", "consumes" : [ "application/json" ], "produces" : [ "application/json" ], "parameters" : [ { "in" : "body", "name" : "body", "description" : "Get sub graph of analysis impact", "required" : true, "schema" : { "$ref" : "#/definitions/SubGraphImpactRequest" } } ], "responses" : { "200" : { "description" : "Successful retrieval of analysis inpact sub graph ", "schema" : { "$ref" : "#/definitions/SubGraphImpactResponse" } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/arch/list" : { "post" : { "tags" : [ "Architecture" ], "summary" : "Get list of components by filter and pagination", "description" : "List components in analysis for a concrete analysis specified by analysisCode parameter or application name specified in applicationName parameter by filter and pagination.", "operationId" : "listComponents", "consumes" : [ "application/json" ], "produces" : [ "application/json" ], "parameters" : [ { "in" : "body", "name" : "body", "description" : "List components request", "required" : true, "schema" : { "$ref" : "#/definitions/ListComponentsRequest" } } ], "responses" : { "200" : { "description" : "Successful retrieval of components list", "schema" : { "$ref" : "#/definitions/ListComponentsResponse" } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/auditResult" : { "get" : { "tags" : [ "Audit" ], "summary" : "Get audit result", "description" : "Get an audit result with defects count by priority", "operationId" : "getAuditResult", "produces" : [ "application/json" ], "parameters" : [ { "name" : "deliveryCode", "in" : "query", "description" : "Delivery code", "required" : true, "type" : "string", "x-example" : "A-7e3-16e5b1aad2a" } ], "responses" : { "200" : { "description" : "Successful retrieval of audit result", "schema" : { "$ref" : "#/definitions/AuditResultResponse" } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/auditResult/components" : { "get" : { "tags" : [ "Audit" ], "summary" : "Get the results from insights in delivery analyses", "description" : "Obtains a list of Audit result components for an application name specified in application parameter and a concrete delivery analysis specified by deliveryCode parameter.", "operationId" : "auditResultComponents", "produces" : [ "application/json" ], "parameters" : [ { "name" : "application", "in" : "query", "description" : "Application name", "required" : true, "type" : "string", "x-example" : "myApp" }, { "name" : "deliveryCode", "in" : "query", "description" : "Delivery", "required" : true, "type" : "string", "x-example" : "A-7e3-16e5b1aad2a" }, { "name" : "limit", "in" : "query", "description" : "Maximum number of components", "required" : false, "type" : "string", "x-example" : "10" }, { "name" : "securityRisk", "in" : "query", "description" : "Comma-separated list of security risks", "required" : false, "type" : "string", "x-example" : "Unknown, Low", "enum" : [ "Unknown", "High", "Medium", "Low" ] }, { "name" : "licenseRisk", "in" : "query", "description" : "Comma-separated list of license risks", "required" : false, "type" : "string", "x-example" : "Unknown, Low", "enum" : [ "Unknown", "High", "Medium", "Low" ] }, { "name" : "obsolescenceRisk", "in" : "query", "description" : "Comma-separated list of obsolescence risks", "required" : false, "type" : "string", "x-example" : "Unknown, Low", "enum" : [ "Unknown", "High", "Medium", "Low" ] }, { "name" : "status", "in" : "query", "description" : "Component status", "required" : false, "type" : "string", "x-example" : "New", "enum" : [ "New", "Removed", "Modified" ] } ], "responses" : { "200" : { "description" : "Successful retrieval of components", "schema" : { "$ref" : "#/definitions/ListInsightsComponentsResponse" } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/auditResult/defects" : { "get" : { "tags" : [ "Audit" ], "summary" : "Get audit result defects", "description" : "Get defects of an audit result", "operationId" : "getAuditDefects", "produces" : [ "application/json" ], "parameters" : [ { "name" : "deliveryCode", "in" : "query", "description" : "Delivery code", "required" : true, "type" : "string", "x-example" : "A-7e3-16e5b1aad2a" }, { "name" : "characteristics", "in" : "query", "description" : "Comma-separated list of characteristics to filter by", "required" : false, "type" : "string", "x-example" : "Security, Efficiency", "enum" : [ "Efficiency", "Maintainability", "Portability", "Reliability", "Security" ] }, { "name" : "languages", "in" : "query", "description" : "Comma-separated list of languages to filter by", "required" : false, "type" : "string", "x-example" : "java, php" }, { "name" : "priorities", "in" : "query", "description" : "Comma-separated list of priorities(Very low, Low, Normal, High, Very high) to filter by", "required" : false, "type" : "string", "x-example" : "Very high, High", "enum" : [ "Very low", "Low", "Normal", "High", "Very high" ] }, { "name" : "fileContains", "in" : "query", "description" : "Use this param to filter defects by file name", "required" : false, "type" : "string", "x-example" : "FileSystemRepository.java" }, { "name" : "orderBy", "in" : "query", "description" : "Sorting criteria: priority/effort", "required" : false, "type" : "string", "x-example" : "priority", "enum" : [ "priority", "effort" ] }, { "name" : "asc", "in" : "query", "description" : "Sort ascending: true/false", "required" : false, "type" : "boolean", "x-example" : true, "enum" : [ "true", "false" ] }, { "name" : "limit", "in" : "query", "description" : "Max number of defects returned", "required" : false, "type" : "integer", "format" : "int32", "x-example" : 100 } ], "responses" : { "200" : { "description" : "Successful retrieval of audit result defects", "schema" : { "type" : "array", "items" : { "$ref" : "#/definitions/DefectDetailResponse" } } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/audits/checkpoints/violatedrules/files" : { "get" : { "tags" : [ "Audit" ], "summary" : "Get list of files", "description" : "List files with a violated rule of an audit", "operationId" : "getFilesWithGET", "produces" : [ "application/json" ], "parameters" : [ { "name" : "application", "in" : "query", "description" : "Application name", "required" : true, "type" : "string", "x-example" : "myApp" }, { "name" : "deliveryCode", "in" : "query", "description" : "Delivery code", "required" : true, "type" : "string", "x-example" : "A-7e3-16e5b1aad2a" }, { "name" : "ruleCode", "in" : "query", "description" : "Rule code", "required" : true, "type" : "string", "x-example" : "OPT.JAVA.SEC_JAVA.CrossSiteScriptingRule" }, { "name" : "checkpoint", "in" : "query", "description" : "Checkpoint id", "required" : true, "type" : "string", "x-example" : "3452" } ], "responses" : { "200" : { "description" : "Successful retrieval of files list", "schema" : { "type" : "array", "items" : { "$ref" : "#/definitions/FileWithDefectsResponse" } } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/audits/checkpoints/violatedrules/files/defects" : { "get" : { "tags" : [ "Audit" ], "summary" : "Get list of defects of file", "description" : "List defects in a file", "operationId" : "getLinesWithGET", "produces" : [ "application/json" ], "parameters" : [ { "name" : "application", "in" : "query", "description" : "Application name", "required" : true, "type" : "string", "x-example" : "myApp" }, { "name" : "deliveryCode", "in" : "query", "description" : "Delivery code", "required" : true, "type" : "string", "x-example" : "A-7e3-16e5b1aad2a" }, { "name" : "ruleCode", "in" : "query", "description" : "Rule code", "required" : true, "type" : "string", "x-example" : "OPT.JAVA.SEC_JAVA.CrossSiteScriptingRule" }, { "name" : "file", "in" : "query", "description" : "File name", "required" : true, "type" : "string", "x-example" : "FileSystemRepository.java" }, { "name" : "checkpoint", "in" : "query", "description" : "Checkpoint id", "required" : true, "type" : "string", "x-example" : "3452" } ], "responses" : { "200" : { "description" : "Successful retrieval of defects line list", "schema" : { "type" : "array", "items" : { "$ref" : "#/definitions/DefectLineResponse" } } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/audits/result/componentsPDF" : { "get" : { "tags" : [ "Audit" ], "summary" : "Get PDF report of insight", "description" : "Obtains an audits result report for an application name specified in application parameter and a concrete analysis specified by deliveryCode parameter.", "operationId" : "getAuditResultComponentsPDF", "produces" : [ "application/pdf", "application/json" ], "parameters" : [ { "name" : "application", "in" : "query", "description" : "Application name", "required" : true, "type" : "string", "x-example" : "myApp" }, { "name" : "deliveryCode", "in" : "query", "description" : "Delivery code", "required" : true, "type" : "string", "x-example" : "A-7e3-16e5b1aad2a" }, { "name" : "limit", "in" : "query", "description" : "Maximum number of components", "required" : false, "type" : "string", "x-example" : "10" }, { "name" : "securityRisk", "in" : "query", "description" : "Comma-separated list of security risks", "required" : false, "type" : "string", "x-example" : "Unknown, Low", "enum" : [ "Unknown", "High", "Medium", "Low" ] }, { "name" : "licenseRisk", "in" : "query", "description" : "Comma-separated list of license risks", "required" : false, "type" : "string", "x-example" : "Unknown, Low", "enum" : [ "Unknown", "High", "Medium", "Low" ] }, { "name" : "obsolescenceRisk", "in" : "query", "description" : "Comma-separated list of obsolescence risks", "required" : false, "type" : "string", "x-example" : "Unknown, Low", "enum" : [ "Unknown", "High", "Medium", "Low" ] }, { "name" : "status", "in" : "query", "description" : "Component status", "required" : false, "type" : "string", "x-example" : "New", "enum" : [ "New", "Removed", "Modified" ] } ], "responses" : { "200" : { "description" : "Successful retrieval of of report", "schema" : { "type" : "file" } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/audits/result/export" : { "get" : { "tags" : [ "Audit" ], "summary" : "Get audit result PDF report", "description" : "Obtains an audit report of the specified delivery in PDF format. It is necessary an analysis code or an application name and change request", "operationId" : "generateAuditResultReport", "produces" : [ "application/pdf", "application/json" ], "parameters" : [ { "name" : "code", "in" : "query", "description" : "Analysis code", "required" : false, "type" : "string", "x-example" : "A-7e3-16e5b1aad2a" }, { "name" : "application", "in" : "query", "description" : "Application name", "required" : false, "type" : "string", "x-example" : "myApp" }, { "name" : "changeRequest", "in" : "query", "description" : "Change request", "required" : false, "type" : "string", "x-example" : "CR_11.01.2020" }, { "name" : "deliveryLabel", "in" : "query", "description" : "Delivery label", "required" : false, "type" : "string", "x-example" : "delivery_11.01.2020" } ], "responses" : { "200" : { "description" : "Successful retrieval of an audit result report", "schema" : { "type" : "file" } }, "400" : { "description" : "Invalid parameter" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/defect/{defectId}/mute" : { "post" : { "tags" : [ "Defect" ], "summary" : "Create suppresion rule for a defect", "description" : "Create a suppression rule for this defect.", "operationId" : "muteDefect", "produces" : [ "application/json" ], "parameters" : [ { "name" : "defectId", "in" : "path", "description" : "Defect identifier", "required" : true, "type" : "integer", "format" : "int64", "x-example" : 17375778 }, { "name" : "why", "in" : "query", "description" : "Mute reason", "required" : false, "type" : "string", "x-example" : "GENERATED_CODE", "enum" : [ "NONE", "FALSE_POSITIVE", "TOO_MANY_DEFECTS", "GENERATED_CODE", "TOO_COMPLEX_CODE", "ACCEPTED_RISK", "OTHER" ] }, { "name" : "comment", "in" : "query", "description" : "Mute comment", "required" : false, "type" : "string", "x-example" : "Muted this defect because it is generated code" }, { "name" : "muteBy", "in" : "query", "description" : "Mute By", "required" : false, "type" : "string", "x-example" : "LINE_NUMBER", "enum" : [ "LINE_NUMBER(default)", "SOURCE_CODE" ] } ], "responses" : { "200" : { "description" : "Successfully created a suppression rule", "schema" : { "type" : "integer", "format" : "int32" } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/defect/{defectId}/notes" : { "get" : { "tags" : [ "Defect" ], "summary" : "Get defect notes", "description" : "Obtains the list of notes associated to this defect.", "operationId" : "getDefectNotes", "produces" : [ "application/json" ], "parameters" : [ { "name" : "defectId", "in" : "path", "description" : "Defect identifier", "required" : true, "type" : "integer", "format" : "int64", "x-example" : 17375778 } ], "responses" : { "200" : { "description" : "Successful retrieval of a defect notes list", "schema" : { "type" : "array", "items" : { "$ref" : "#/definitions/DefectNoteResponse" } } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/defect/{defectId}/status" : { "post" : { "tags" : [ "Defect" ], "summary" : "Update the status of a defect", "description" : "Update status of this defect and add a note, possible status are (NONE, TO_REVIEW, REVIEWED)", "operationId" : "updateStatus", "produces" : [ "application/json" ], "parameters" : [ { "name" : "defectId", "in" : "path", "description" : "Defect identifier", "required" : true, "type" : "integer", "format" : "int64", "x-example" : 17375778 }, { "name" : "status", "in" : "query", "description" : "Defect status", "required" : true, "type" : "string", "x-example" : "TO_REVIEW", "enum" : [ "NONE", "TO_REVIEW", "REVIEWED" ] }, { "name" : "note", "in" : "query", "description" : "Note detail", "required" : false, "type" : "string", "x-example" : "To review by security experts" } ], "responses" : { "200" : { "description" : "Successfully updated defect status" }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/deliveries/junit" : { "get" : { "tags" : [ "Delivery" ], "summary" : "Get JUnit report of Audit results", "description" : "Retrieves a JUnit XML report of an audit along with checkpoint results for a given delivery. The delivery is identified by its delivery code, and the response includes both the overall audit outcome and the status of each checkpoint evaluated during the audit.", "operationId" : "generateAudiCheckPointReport", "produces" : [ "application/xml", "application/json" ], "parameters" : [ { "name" : "deliveryCode", "in" : "query", "description" : "Unique delivery code", "required" : true, "type" : "string", "x-example" : "A-7e9-1977ed78c3e" } ], "responses" : { "200" : { "description" : "Successful retrieval of audit and checkpoint results", "schema" : { "$ref" : "#/definitions/AuditCheckpointReport" } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/deliveries/last_analysis" : { "get" : { "tags" : [ "Delivery" ], "summary" : "Get information of the last successful delivery", "description" : "Obtains the information of the last successful delivery.", "operationId" : "getLastDelivery", "produces" : [ "application/json" ], "parameters" : [ { "name" : "application", "in" : "query", "description" : "Application name", "required" : true, "type" : "string", "x-example" : "myApp" }, { "name" : "changeRequest", "in" : "query", "description" : "To filter deliveries by changeRequest", "required" : false, "type" : "string", "x-example" : "CR_21.11.1019" }, { "name" : "branch", "in" : "query", "description" : "To filter deliveries by branch name", "required" : false, "type" : "string", "x-example" : "origin/develop" }, { "name" : "label", "in" : "query", "description" : "To filter deliveries by audit label", "required" : false, "type" : "string", "x-example" : "audit pre merge" } ], "responses" : { "200" : { "description" : "Successful retrieval of delivery information", "schema" : { "$ref" : "#/definitions/AnalysisResultResponse" } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/deliveries/{code}" : { "get" : { "tags" : [ "Delivery" ], "summary" : "Get information of a delivery by code", "description" : "Obtains the information of delivery indicating the code of the delivery.", "operationId" : "getDelivery", "produces" : [ "application/json" ], "parameters" : [ { "name" : "code", "in" : "path", "description" : "Delivery code", "required" : true, "type" : "string", "x-example" : "A-7e3-16e5b1aad2a" } ], "responses" : { "200" : { "description" : "Successful retrieval of delivery information", "schema" : { "$ref" : "#/definitions/AnalysisResultResponse" } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/doc/rule" : { "get" : { "tags" : [ "Documentation" ], "summary" : "Get rule's documentation", "description" : "Obtains the documentation of a rule.", "operationId" : "getRuleDoc", "produces" : [ "application/json" ], "parameters" : [ { "name" : "modelId", "in" : "query", "description" : "Model id", "required" : true, "type" : "string", "x-example" : "4525" }, { "name" : "code", "in" : "query", "description" : "Rule code", "required" : true, "type" : "string", "x-example" : "OPT.JAVA.SEC_JAVA.CrossSiteScriptingRule" }, { "name" : "application", "in" : "query", "description" : "Application name", "required" : true, "type" : "string", "x-example" : "myApp" } ], "responses" : { "200" : { "description" : "Successful retrieval of rule documentation", "schema" : { "$ref" : "#/definitions/RuleDocumentationResponse" } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/info" : { "get" : { "tags" : [ "Information" ], "summary" : "Get user info", "description" : "Obtains the user's information", "operationId" : "getInformation", "produces" : [ "application/json" ], "responses" : { "200" : { "description" : "Successful retrieval of user's information", "schema" : { "$ref" : "#/definitions/UserInformationResponse" } }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/insights/analysis/applications" : { "get" : { "tags" : [ "Insights" ], "summary" : "Get list of applications", "description" : "Lists applications that use a particular compoment. it can be filtered by group, artifact, technology and version.", "operationId" : "listApplications", "produces" : [ "application/json" ], "parameters" : [ { "name" : "artifact", "in" : "query", "description" : "Artifact name", "required" : true, "type" : "string", "x-example" : "spring-core" }, { "name" : "group", "in" : "query", "description" : "Group name", "required" : false, "type" : "string", "x-example" : "org.springframework" }, { "name" : "language", "in" : "query", "description" : "Language", "required" : false, "type" : "string", "x-example" : "java" }, { "name" : "version", "in" : "query", "description" : "Version", "required" : false, "type" : "string", "x-example" : "1.0.0" } ], "responses" : { "200" : { "description" : "Successful retrieval of applications list", "schema" : { "type" : "array", "items" : { "$ref" : "#/definitions/ApplicationsComponentsResponse" } } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/insights/analysis/components" : { "get" : { "tags" : [ "Insights" ], "summary" : "Get list of components", "description" : "List components in analysis for an application name specified in application parameter and a concrete analysis specified by analysisCode parameter.", "operationId" : "listInsightsComponents", "produces" : [ "application/json" ], "parameters" : [ { "name" : "application", "in" : "query", "description" : "Application name", "required" : true, "type" : "string", "x-example" : "myApp" }, { "name" : "analysisCode", "in" : "query", "description" : "Analysis code", "required" : true, "type" : "string", "x-example" : "A-7e3-16e5b1aad2a" } ], "responses" : { "200" : { "description" : "Successful retrieval of insight components list", "schema" : { "$ref" : "#/definitions/ListInsightsComponentsResponse" } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/insights/analysis/licenses" : { "get" : { "tags" : [ "Insights" ], "summary" : "Get list of licenses", "description" : "List licenses in analysis for an application name specified in application parameter and a concrete analysis specified by analysisCode parameter.", "operationId" : "listLicenses", "produces" : [ "application/json" ], "parameters" : [ { "name" : "application", "in" : "query", "description" : "Application name", "required" : true, "type" : "string", "x-example" : "myApp" }, { "name" : "analysisCode", "in" : "query", "description" : "Analysis code", "required" : true, "type" : "string", "x-example" : "A-7e3-16e5b1aad2a" } ], "responses" : { "200" : { "description" : "Successful retrieval of insight licenses detail list", "schema" : { "$ref" : "#/definitions/ListLicensesResponse" } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/insights/analysis/obsolescence" : { "get" : { "tags" : [ "Insights" ], "summary" : "Get list of obsolescences", "description" : "List obsolescences in analysis for an application name specified in application parameter and a concrete analysis specified by analysisCode parameter.", "operationId" : "listObsolescences", "produces" : [ "application/json" ], "parameters" : [ { "name" : "application", "in" : "query", "description" : "Application name", "required" : true, "type" : "string", "x-example" : "myApp" }, { "name" : "analysisCode", "in" : "query", "description" : "Analysis code", "required" : true, "type" : "string", "x-example" : "A-7e3-16e5b1aad2a" } ], "responses" : { "200" : { "description" : "Successful retrieval of insight obsolescence detail list", "schema" : { "$ref" : "#/definitions/ListObsolescencesResponse" } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/insights/analysis/sbom" : { "get" : { "tags" : [ "Insights" ], "summary" : "Get SBOM report for analysis", "description" : "Obtains a CycloneDX-compliant SBOM report for a specific analysis and application.Returns JSON by default, XML if specified.", "operationId" : "insightSbomReport", "produces" : [ "application/json", "application/xml" ], "parameters" : [ { "name" : "application", "in" : "query", "description" : "Application name", "required" : true, "type" : "string", "x-example" : "myApp" }, { "name" : "analysisCode", "in" : "query", "description" : "Analysis code", "required" : true, "type" : "string", "x-example" : "A-7e3-16e5b1aad2a" }, { "name" : "format", "in" : "query", "description" : "Report format", "required" : false, "type" : "string", "x-example" : "json", "enum" : [ "json", "xml" ] } ], "responses" : { "200" : { "description" : "Successful retrieval of SBOM report", "schema" : { "type" : "file" } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/insights/analysis/security" : { "get" : { "tags" : [ "Insights" ], "summary" : "Get insight security detail list", "description" : "List security in analysis for an application name specified in application parameter and a concrete analysis specified by analysisCode parameter.", "operationId" : "listVulnerabilities", "produces" : [ "application/json" ], "parameters" : [ { "name" : "application", "in" : "query", "description" : "Application name", "required" : true, "type" : "string", "x-example" : "myApp" }, { "name" : "analysisCode", "in" : "query", "description" : "Analysis code", "required" : true, "type" : "string", "x-example" : "A-7e3-16e5b1aad2a" } ], "responses" : { "200" : { "description" : "Successful retrieval of insight security detail list", "schema" : { "$ref" : "#/definitions/ListSecuritiesResponse" } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/insights/analysis/summary/export" : { "get" : { "tags" : [ "Insights" ], "summary" : "Get PDF report of insight", "description" : "Obtains an insight report for an application name specified in application parameter and a concrete analysis specified by analysisCode parameter.", "operationId" : "insightReportSummary", "produces" : [ "application/pdf", "application/json" ], "parameters" : [ { "name" : "application", "in" : "query", "description" : "Application name", "required" : true, "type" : "string", "x-example" : "myApp" }, { "name" : "analysisCode", "in" : "query", "description" : "Analysis code", "required" : true, "type" : "string", "x-example" : "A-7e3-16e5b1aad2a" }, { "name" : "limit", "in" : "query", "description" : "Maximum number of components", "required" : false, "type" : "string", "x-example" : "10" }, { "name" : "securityRisk", "in" : "query", "description" : "Comma-separated list of security risks", "required" : false, "type" : "string", "x-example" : "Unknown, Low", "enum" : [ "Unknown", "High", "Medium", "Low" ] }, { "name" : "licenseRisk", "in" : "query", "description" : "Comma-separated list of license risks", "required" : false, "type" : "string", "x-example" : "Unknown, Low", "enum" : [ "Unknown", "High", "Medium", "Low" ] }, { "name" : "obsolescenceRisk", "in" : "query", "description" : "Comma-separated list of obsolescence risks", "required" : false, "type" : "string", "x-example" : "Unknown, Low", "enum" : [ "Unknown", "High", "Medium", "Low" ] } ], "responses" : { "200" : { "description" : "Successful retrieval of of report", "schema" : { "type" : "file" } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/insights/custom/component/add" : { "post" : { "tags" : [ "Insights Custom Components" ], "summary" : "Create custom component", "description" : "Creates a new custom component.", "operationId" : "createComponent", "consumes" : [ "application/json" ], "produces" : [ "application/json" ], "parameters" : [ { "in" : "body", "name" : "body", "description" : "The component to create", "required" : true, "schema" : { "$ref" : "#/definitions/CustomComponentRestData" } } ], "responses" : { "200" : { "description" : "Successfully created custom component", "schema" : { "$ref" : "#/definitions/ResultData" } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/insights/custom/component/delete" : { "delete" : { "tags" : [ "Insights Custom Components" ], "summary" : "Delete custom component", "description" : "Delete custom component or all components that has the same group name, artifact name and technology if the version field is not provided.", "operationId" : "deleteComponent", "consumes" : [ "application/json" ], "produces" : [ "application/json" ], "parameters" : [ { "in" : "body", "name" : "body", "description" : "the component to delete", "required" : true, "schema" : { "$ref" : "#/definitions/CustomComponentSimpleRestData" } } ], "responses" : { "200" : { "description" : "Successfully deleted custom components. In case that version is not provided then the map contains all versions with custom data and its result. The different values could be 'OK' or 'ASSOCIATED_ANALYSIS' this status is that the component has custom data but is not considered public and it is associated with an analysis.", "schema" : { "$ref" : "#/definitions/ResultData" } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/insights/custom/component/list" : { "get" : { "tags" : [ "Insights Custom Components" ], "summary" : "Get list of custom components", "description" : "Get list of custom components.", "operationId" : "listCustomComponents", "consumes" : [ "application/json" ], "produces" : [ "application/json" ], "parameters" : [ { "name" : "groupName", "in" : "query", "description" : "Group name", "required" : false, "type" : "string", "x-example" : "org.springframework" }, { "name" : "artifactName", "in" : "query", "description" : "Artifact name", "required" : false, "type" : "string", "x-example" : "spring-core" }, { "name" : "language", "in" : "query", "description" : "Language", "required" : false, "type" : "string", "x-example" : "java" }, { "name" : "version", "in" : "query", "description" : "Version", "required" : false, "type" : "string", "x-example" : "1.0.0" }, { "name" : "page", "in" : "query", "description" : "Page number of the request", "required" : false, "type" : "integer", "x-example" : 1 }, { "name" : "count", "in" : "query", "description" : "The number of the elements per page", "required" : false, "type" : "integer", "x-example" : 50 } ], "responses" : { "200" : { "description" : "Successfully get list of custom components", "schema" : { "type" : "array", "items" : { "$ref" : "#/definitions/CustomComponentRestData" } } }, "400" : { "description" : "Bad request" }, "403" : { "description" : "Access denied" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/insights/custom/component/update" : { "put" : { "tags" : [ "Insights Custom Components" ], "summary" : "Update custom component", "description" : "Updates a existing custom component.", "operationId" : "updateComponent", "consumes" : [ "application/json" ], "produces" : [ "application/json" ], "parameters" : [ { "in" : "body", "name" : "body", "description" : "The component to update", "required" : true, "schema" : { "$ref" : "#/definitions/UpdateCustomComponentRestData" } } ], "responses" : { "200" : { "description" : "Successfully updated custom component", "schema" : { "$ref" : "#/definitions/ResultData" } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/insights/custom/license/artifact" : { "post" : { "tags" : [ "Insights Custom Components" ], "summary" : "Create association between licenses and artifact", "description" : "Create association between licenses and artifact", "operationId" : "createRelationLicensesArtifact", "consumes" : [ "application/json" ], "produces" : [ "application/json" ], "parameters" : [ { "in" : "body", "name" : "body", "description" : "data to create relation between licenses and artifact", "required" : true, "schema" : { "$ref" : "#/definitions/ArtifactLicensesData" } } ], "responses" : { "200" : { "description" : "Successfully created association between licenses and artifact", "schema" : { "$ref" : "#/definitions/ResultData" } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] }, "delete" : { "tags" : [ "Insights Custom Components" ], "summary" : "Delete relationship between a license and artifact", "description" : "Delete relationship between a license and artifact", "operationId" : "deleteRelationLicenseArtifact", "consumes" : [ "application/json" ], "produces" : [ "application/json" ], "parameters" : [ { "in" : "body", "name" : "body", "description" : "data to delete relationship between license and artifact", "required" : true, "schema" : { "$ref" : "#/definitions/SoftwareArtifactLicenseData" } } ], "responses" : { "200" : { "description" : "Successfully deleted relationship between a license and artifact", "schema" : { "$ref" : "#/definitions/ResultData" } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/insights/custom/license/artifact/all" : { "delete" : { "tags" : [ "Insights Custom Components" ], "summary" : "Delete all relationships between licenses and artifact", "description" : "Delete all relationships between licenses and artifact", "operationId" : "deleteAllRelationsLicensesArtifact", "consumes" : [ "application/json" ], "produces" : [ "application/json" ], "parameters" : [ { "in" : "body", "name" : "body", "description" : "data to delete all relationships between licenses and artifact", "required" : true, "schema" : { "$ref" : "#/definitions/SoftwareArtifactData" } } ], "responses" : { "200" : { "description" : "Successfully deleted all relationships between licenses and artifact", "schema" : { "$ref" : "#/definitions/ResultData" } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/insights/custom/spdx/licenses" : { "get" : { "tags" : [ "Insights Custom Components" ], "summary" : "Get list of spdx licenses", "description" : "List spdx licenses.", "operationId" : "listSpdxLicenses", "produces" : [ "application/json" ], "parameters" : [ { "name" : "licenseName", "in" : "query", "description" : "License name", "required" : false, "type" : "string", "x-example" : "Apache" } ], "responses" : { "200" : { "description" : "Successful retrieval of spdx licenses list", "schema" : { "$ref" : "#/definitions/ListSpdxLicensesResponse" } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/insights/custom/vulnerability/add" : { "post" : { "tags" : [ "Insights Custom Components" ], "summary" : "Create private vulnerability", "description" : "Creates a new private vulnerability.", "operationId" : "createVulnerability", "consumes" : [ "application/json" ], "produces" : [ "application/json" ], "parameters" : [ { "in" : "body", "name" : "body", "description" : "the vulnerability to create", "required" : true, "schema" : { "$ref" : "#/definitions/PrivateVulnerabilityRestData" } } ], "responses" : { "200" : { "description" : "Successfully created private vulnerability", "schema" : { "$ref" : "#/definitions/ResultData" } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/insights/custom/vulnerability/delete/{vulnerabilityCode}" : { "delete" : { "tags" : [ "Insights Custom Components" ], "summary" : "Delete private vulnerability", "description" : "Delete a private vulnerability.", "operationId" : "deleteVulnerability", "consumes" : [ "application/json", "text/plain" ], "produces" : [ "application/json" ], "parameters" : [ { "name" : "vulnerabilityCode", "in" : "path", "description" : "Vulnerability Code", "required" : true, "type" : "string", "x-example" : "CUSTOM-0001" } ], "responses" : { "200" : { "description" : "Successfully deleted private vulnerability", "schema" : { "$ref" : "#/definitions/ResultData" } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/insights/custom/vulnerability/list" : { "get" : { "tags" : [ "Insights Custom Components" ], "summary" : "Get list of private vulnerabilities", "description" : "Get list of private vulnerabilities.", "operationId" : "listPrivateVulnerabilities", "consumes" : [ "application/json" ], "produces" : [ "application/json" ], "parameters" : [ { "name" : "vulnerabilityCode", "in" : "query", "description" : "Vulnerability code", "required" : false, "type" : "string", "x-example" : "MY-VULN-0001" }, { "name" : "affectedGroupName", "in" : "query", "description" : "Affected group name", "required" : false, "type" : "string", "x-example" : "org.springframework" }, { "name" : "affectedArtifactName", "in" : "query", "description" : "Affected artifact name", "required" : false, "type" : "string", "x-example" : "spring-core" }, { "name" : "affectedLanguage", "in" : "query", "description" : "Affected language", "required" : false, "type" : "string", "x-example" : "java" }, { "name" : "page", "in" : "query", "description" : "Page number of the request", "required" : false, "type" : "integer", "x-example" : 1 }, { "name" : "count", "in" : "query", "description" : "The number of the elements per page", "required" : false, "type" : "integer", "x-example" : 50 } ], "responses" : { "200" : { "description" : "Successfully get list of private vulnerabilities", "schema" : { "type" : "array", "items" : { "$ref" : "#/definitions/PrivateVulnerabilityRestData" } } }, "400" : { "description" : "Bad request" }, "403" : { "description" : "Access denied" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/insights/custom/vulnerability/update/{vulnerabilityCode}" : { "put" : { "tags" : [ "Insights Custom Components" ], "summary" : "Update private vulnerability", "description" : "Updates a private vulnerability.", "operationId" : "updateVulnerabilityData", "consumes" : [ "application/json" ], "produces" : [ "application/json" ], "parameters" : [ { "in" : "body", "name" : "body", "description" : "the vulnerability to update", "required" : true, "schema" : { "$ref" : "#/definitions/PrivateVulnerabilityRestData" } }, { "name" : "vulnerabilityCode", "in" : "path", "description" : "Vulnerability Code", "required" : true, "type" : "string", "x-example" : "CUSTOM-0001" } ], "responses" : { "200" : { "description" : "Successfully updated private vulnerability", "schema" : { "$ref" : "#/definitions/ResultData" } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/languages" : { "get" : { "tags" : [ "Languages" ], "summary" : "Get languages", "description" : "Obtains a map of languages specifying the language code and the language name", "operationId" : "getLanguages", "produces" : [ "application/json" ], "responses" : { "200" : { "description" : "Successfully retrieval of languages map", "schema" : { "type" : "object", "additionalProperties" : { "type" : "string" } } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/metrics" : { "get" : { "tags" : [ "Application" ], "summary" : "Get analysis global metrics", "description" : "Obtains the global metrics of indicated analysis.", "operationId" : "getMetricsMap", "produces" : [ "application/json" ], "parameters" : [ { "name" : "code", "in" : "query", "description" : "Analysis code", "required" : true, "type" : "string", "x-example" : "A-7e3-16e5b1aad2a" } ], "responses" : { "200" : { "description" : "Successfully retrieval of global metrics map", "schema" : { "type" : "object", "additionalProperties" : { "type" : "object" } } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/portfolios" : { "get" : { "tags" : [ "Portfolio" ], "summary" : "Get portfolio definitions", "description" : "Obtains the portfolio definitions of an account.", "operationId" : "getPortfolioGroups", "produces" : [ "application/json" ], "responses" : { "200" : { "description" : "Successful retrieval of portfolio definitions list", "schema" : { "type" : "array", "items" : { "$ref" : "#/definitions/PortfolioDefinitionData" } } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] }, "post" : { "tags" : [ "Portfolio" ], "summary" : "Create or update portfolio definitions", "description" : "Creates or update portfolio definitions for an account.", "operationId" : "createPortfolioGroups", "consumes" : [ "application/json" ], "produces" : [ "application/json" ], "parameters" : [ { "in" : "body", "name" : "body", "description" : "Portfolio to be saved", "required" : true, "schema" : { "$ref" : "#/definitions/PortfolioDefinitionData" } } ], "responses" : { "200" : { "description" : "Successfully created or updated portfolio definition", "schema" : { "$ref" : "#/definitions/ResultData" } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/portfolios/{portfolio}/users/roles" : { "get" : { "tags" : [ "Portfolio" ], "summary" : "Get users roles by portfolio", "description" : "List the users roles for the portfolio. Use 'username', 'exactUsername', 'portfolioValue' and 'exactPortfolioValue' to filter results.", "operationId" : "getUserRolesPortfolio", "produces" : [ "application/json" ], "parameters" : [ { "name" : "portfolio", "in" : "path", "description" : "Portfolio name", "required" : true, "type" : "string", "x-example" : "businessValue" }, { "name" : "username", "in" : "query", "description" : "'username' mask to filter results", "required" : false, "type" : "string", "x-example" : "username" }, { "name" : "exactUsername", "in" : "query", "description" : "Indicates if the username must be equals (ignore case). Only apply if username is provided", "required" : false, "type" : "boolean", "x-example" : true }, { "name" : "portfolioValue", "in" : "query", "description" : "'portfolioValue' mask to filter results", "required" : false, "type" : "string", "x-example" : "high" }, { "name" : "exactPortfolioValue", "in" : "query", "description" : "Indicates if the portfolioValue must be equals (ignore case). Only apply if portfolioValue is provided", "required" : false, "type" : "boolean", "x-example" : true } ], "responses" : { "200" : { "description" : "Successful retrieval portfolio users roles", "schema" : { "type" : "array", "items" : { "$ref" : "#/definitions/UserPortfolioRoleData" } } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/portfolios/{portfolio}/values/list" : { "get" : { "tags" : [ "Portfolio" ], "summary" : "Get list of portfolio values by portfolio name", "description" : "List all portfolio values asociated to portfolio name. This endpoint return an error code 15 if the portfolio name not exists, in other case, it return the list of portfolio values.", "operationId" : "getPortfolioValuesByName", "produces" : [ "application/json" ], "parameters" : [ { "name" : "portfolio", "in" : "path", "description" : "Portfolio name", "required" : true, "type" : "string", "x-example" : "businessValue" } ], "responses" : { "200" : { "description" : "Successful retrieval list of portfolio value for this portfolio name", "schema" : { "type" : "array", "items" : { "type" : "string" } } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/portfolios/{portfolio}/{value}/exists" : { "get" : { "tags" : [ "Portfolio" ], "summary" : "Get if portfolio and portfolio value exists", "description" : "Check if portfolio and portfolio value exists. This endpoint return an error code 15 if the portfolio name not exists and return true if exists the pair protfolio name and value and false if exists portfolio name but not exists the portfolio value for this portfolio name.", "operationId" : "existsPortfolioValue", "produces" : [ "application/json" ], "parameters" : [ { "name" : "portfolio", "in" : "path", "description" : "Portfolio name", "required" : true, "type" : "string", "x-example" : "businessValue" }, { "name" : "value", "in" : "path", "description" : "Portfolio value", "required" : true, "type" : "string", "x-example" : "high" } ], "responses" : { "200" : { "description" : "Successful retrieval if portfolio name and portfolio value exists", "schema" : { "type" : "boolean" } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/qualitymodel/suppressions" : { "get" : { "tags" : [ "Application" ], "summary" : "Get suppression rules", "description" : "Get suppression rules for application given as parameter.", "operationId" : "downloadSuppressions", "produces" : [ "application/xml", "application/json" ], "parameters" : [ { "name" : "application", "in" : "query", "description" : "Application name", "required" : true, "type" : "string", "x-example" : "myApp" } ], "responses" : { "200" : { "description" : "Successfully retrieval of suppression rules", "schema" : { "type" : "string" } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/security/permissions/{action}" : { "get" : { "tags" : [ "Security" ], "summary" : "Get permissions for an action", "description" : "Returns grant information on the specified action for the authenticated user. Recognized actions: MUTE_DEFECTS, CHANGE_DEFECT_STATUS", "operationId" : "getAuthorizationForAction", "produces" : [ "application/json" ], "parameters" : [ { "name" : "action", "in" : "path", "description" : "Action name", "required" : true, "type" : "string", "x-example" : "MUTE_DEFECTS", "enum" : [ "MUTE_DEFECTS", "CHANGE_DEFECT_STATUS" ] }, { "name" : "application", "in" : "query", "description" : "Application name", "required" : false, "type" : "string", "x-example" : "myApp" }, { "name" : "appId", "in" : "query", "description" : "Application identifier", "required" : false, "type" : "string", "x-example" : "234" } ], "responses" : { "200" : { "description" : "Successful retrieval of grant information", "schema" : { "$ref" : "#/definitions/AuthorizationResponse" } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/stats" : { "get" : { "tags" : [ "GlobalStats" ], "summary" : "Get the user information", "description" : "Obtains the user's global information about locs, files and analysis alongwith the current timestamp in UTC format as JSON if user has access to all customer applications. Access Denied otherwise.", "operationId" : "getStats", "produces" : [ "application/json" ], "responses" : { "200" : { "description" : "Successful retrieval of global information", "schema" : { "type" : "array", "items" : { "$ref" : "#/definitions/GlobalCounterResponse" } } }, "403" : { "description" : "Access denied" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/user/{username}/applications/roles" : { "get" : { "tags" : [ "User" ], "summary" : "Get applications roles by user", "description" : "List the applications roles for the username. Use 'applicationName' and 'exactApplicationName' to filter results.", "operationId" : "getUserApplicationsRoles", "produces" : [ "application/json" ], "parameters" : [ { "name" : "username", "in" : "path", "description" : "User name", "required" : true, "type" : "string", "x-example" : "john.smith@myCompany.com" }, { "name" : "applicationName", "in" : "query", "description" : "'applicationName' mask to filter results", "required" : false, "type" : "string", "x-example" : "myApp" }, { "name" : "exactApplicationName", "in" : "query", "description" : "Indicates if the applicationName must be equals (ignore case). Only apply if applicationName is provided", "required" : false, "type" : "boolean", "x-example" : true } ], "responses" : { "200" : { "description" : "Successful retrieval user applications roles", "schema" : { "type" : "array", "items" : { "$ref" : "#/definitions/ApplicationRoleData" } } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/user/{username}/portfolios/roles" : { "get" : { "tags" : [ "User" ], "summary" : "Get portfolios roles by user", "description" : "List the portfolios roles for the username. Use 'portfolioName', 'exactPortfolioName', 'portfolioValue' and 'exactPortfolioValue' to filter results.", "operationId" : "getUserPortfoliosRoles", "produces" : [ "application/json" ], "parameters" : [ { "name" : "username", "in" : "path", "description" : "User name", "required" : true, "type" : "string", "x-example" : "john.smith@myCompany.com" }, { "name" : "portfolioName", "in" : "query", "description" : "'portfolioName' mask to filter results", "required" : false, "type" : "string", "x-example" : "businessValue" }, { "name" : "exactPortfolioName", "in" : "query", "description" : "Indicates if the portfolioName must be equals (ignore case). Only apply if portfolioName is provided", "required" : false, "type" : "boolean", "x-example" : true }, { "name" : "portfolioValue", "in" : "query", "description" : "'portfolioValue' mask to filter results", "required" : false, "type" : "string", "x-example" : "high" }, { "name" : "exactPortfolioValue", "in" : "query", "description" : "Indicates if the portfolioValue must be equals (ignore case). Only apply if portfolioValue is provided", "required" : false, "type" : "boolean", "x-example" : true } ], "responses" : { "200" : { "description" : "Successful retrieval user portfolios roles", "schema" : { "type" : "array", "items" : { "$ref" : "#/definitions/PortfolioRoleData" } } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/userGroups" : { "get" : { "tags" : [ "UserGroup" ], "summary" : "Get list of user groups", "description" : "List the user groups of your account.", "operationId" : "listUserGroups", "produces" : [ "application/json" ], "responses" : { "200" : { "description" : "Successful retrieval of user groups list", "schema" : { "type" : "array", "items" : { "$ref" : "#/definitions/UserGroupResponse" } } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] }, "post" : { "tags" : [ "UserGroup" ], "summary" : "Create user group", "description" : "Creates a new user group in your account.", "operationId" : "createUserGroup", "consumes" : [ "application/json" ], "produces" : [ "application/json" ], "parameters" : [ { "in" : "body", "name" : "body", "description" : "The user group to create", "required" : true, "schema" : { "$ref" : "#/definitions/UserGroupRequest" } } ], "responses" : { "200" : { "description" : "Successfully created an user group", "schema" : { "$ref" : "#/definitions/ResultData" } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/userGroups/{name}" : { "put" : { "tags" : [ "UserGroup" ], "summary" : "Update user group", "description" : "Modifies the information of an user group in your account.", "operationId" : "updateUserGroup", "consumes" : [ "application/json" ], "produces" : [ "application/json" ], "parameters" : [ { "in" : "body", "name" : "body", "description" : "The user group to modify", "required" : true, "schema" : { "$ref" : "#/definitions/UserGroupRequest" } }, { "name" : "name", "in" : "path", "description" : "User group name", "required" : true, "type" : "string", "x-example" : "CMSDevelopers" } ], "responses" : { "200" : { "description" : "Successfully modified an user group", "schema" : { "$ref" : "#/definitions/ResultData" } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] }, "delete" : { "tags" : [ "UserGroup" ], "summary" : "Delete user group", "description" : "Deletes a user group of your account.", "operationId" : "deleteUserGroup", "consumes" : [ "application/json", "text/plain" ], "produces" : [ "application/json" ], "parameters" : [ { "name" : "name", "in" : "path", "description" : "User group name", "required" : true, "type" : "string", "x-example" : "CMSDevelopers" } ], "responses" : { "200" : { "description" : "Successfully deleted an user group", "schema" : { "$ref" : "#/definitions/ResultData" } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/users" : { "get" : { "tags" : [ "User" ], "summary" : "Get list of users", "description" : "List the users of your account. Use 'username' and 'emailAddress' (logical AND) to filter results.", "operationId" : "listUsers", "produces" : [ "application/json" ], "parameters" : [ { "name" : "username", "in" : "query", "description" : "'username' mask to filter results", "required" : false, "type" : "string", "x-example" : "john.smith@myCompany.com" }, { "name" : "exactUsername", "in" : "query", "description" : "Indicates if the username must be equals (ignore case). Only apply if username is provided", "required" : false, "type" : "boolean", "x-example" : true }, { "name" : "emailAddress", "in" : "query", "description" : "'emailAddress' mask to filter results", "required" : false, "type" : "string", "x-example" : "john.smith@myCompany.com" } ], "responses" : { "200" : { "description" : "Successful retrieval of users list", "schema" : { "type" : "array", "items" : { "$ref" : "#/definitions/UserDetailResponse" } } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] }, "post" : { "tags" : [ "User" ], "summary" : "Create user", "description" : "Creates a new user in your account.", "operationId" : "createUser", "consumes" : [ "application/json" ], "produces" : [ "application/json" ], "parameters" : [ { "in" : "body", "name" : "body", "description" : "the user to create", "required" : true, "schema" : { "$ref" : "#/definitions/UserManagementRequest" } } ], "responses" : { "200" : { "description" : "Successfully created user", "schema" : { "$ref" : "#/definitions/ResultData" } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/users/applications/permissions" : { "get" : { "tags" : [ "User" ], "summary" : "Get list of users and application permissions", "description" : "List the users of your account with their application permissions. Use 'username' and 'emailAddress' and 'applicationName' (logical AND) to filter results.", "operationId" : "listUsersWithPermissions", "produces" : [ "application/json" ], "parameters" : [ { "name" : "username", "in" : "query", "description" : "'username' mask to filter results", "required" : false, "type" : "string", "x-example" : "john.smith@myCompany.com" }, { "name" : "emailAddress", "in" : "query", "description" : "'emailAddress' mask to filter results", "required" : false, "type" : "string", "x-example" : "john.smith@myCompany.com" }, { "name" : "applicationName", "in" : "query", "description" : "'applicationName' mask to filter results", "required" : false, "type" : "string", "x-example" : "myApp" }, { "name" : "exactUsername", "in" : "query", "description" : "Indicates if the username must be equals (ignore case). Only apply if username is provided", "required" : false, "type" : "boolean", "x-example" : true }, { "name" : "exactApplicationName", "in" : "query", "description" : "Indicates if the applicationName must be equals (ignore case). Only apply if applicationName is provided", "required" : false, "type" : "boolean", "x-example" : true } ], "responses" : { "200" : { "description" : "Successful retrieval of users list with their application permissions", "schema" : { "type" : "array", "items" : { "$ref" : "#/definitions/UserAppsPermissionsResponse" } } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/users/{username}" : { "put" : { "tags" : [ "User" ], "summary" : "Update user", "description" : "Modifies the information of an user in your account.", "operationId" : "updateUser", "consumes" : [ "application/json" ], "produces" : [ "application/json" ], "parameters" : [ { "in" : "body", "name" : "body", "description" : "the user to update", "required" : true, "schema" : { "$ref" : "#/definitions/UserManagementRequest" } }, { "name" : "username", "in" : "path", "description" : "User name", "required" : true, "type" : "string", "x-example" : "john.smith@myCompany.com" } ], "responses" : { "200" : { "description" : "Successfully updated user", "schema" : { "$ref" : "#/definitions/ResultData" } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] }, "delete" : { "tags" : [ "User" ], "summary" : "Delete user", "description" : "Delete a user of your account.", "operationId" : "deleteUser", "consumes" : [ "application/json", "text/plain" ], "produces" : [ "application/json" ], "parameters" : [ { "name" : "username", "in" : "path", "description" : "User name", "required" : true, "type" : "string", "x-example" : "john.smith@myCompany.com" } ], "responses" : { "200" : { "description" : "Successfully deleted user", "schema" : { "$ref" : "#/definitions/ResultData" } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/violatedrules" : { "get" : { "tags" : [ "Defect" ], "summary" : "Get violated rules of an analysis", "description" : "Obtains the list of violated rules of an analysis for the authenticated user.", "operationId" : "getViolatedRules", "produces" : [ "application/json" ], "parameters" : [ { "name" : "application", "in" : "query", "description" : "Application name", "required" : true, "type" : "string", "x-example" : "myApp" }, { "name" : "analysisCode", "in" : "query", "description" : "Analysis code", "required" : false, "type" : "string", "x-example" : "A-7e3-16e5b1aad2a" }, { "name" : "characteristic", "in" : "query", "description" : "CQM characteristic", "required" : false, "type" : "string", "x-example" : "Security", "enum" : [ "Efficiency", "Maintainability", "Portability", "Reliability", "Security" ] }, { "name" : "language", "in" : "query", "description" : "CQM technology", "required" : false, "type" : "string", "x-example" : "java" }, { "name" : "priority", "in" : "query", "description" : "Rule priority", "required" : false, "type" : "string", "x-example" : "Very high", "enum" : [ "Very low", "Low", "Normal", "High", "Very high" ] }, { "name" : "vulnerabilityType", "in" : "query", "description" : "Vulnerability type", "required" : false, "type" : "string", "x-example" : "Injection", "enum" : [ "'Permissions", "privileges and access controls'", "'Injection'", "'Error handling and fault isolation'", "'Other'", "'Encryption and randomness'", "'Misconfiguration'", "'Design error'", "'Initialization and shutdown'", "'Control flow management'", "'File handling'", "'Number handling'", "'System element isolation'", "'Buffer handling'", "'Information leaks'", "'Pointer and reference handling'" ] }, { "name" : "tag", "in" : "query", "description" : "Rule tag", "required" : false, "type" : "string", "x-example" : "hardcoded-path" }, { "name" : "onlyCodeSecurity", "in" : "query", "description" : "Only Code Security rules", "required" : false, "type" : "boolean", "x-example" : true, "enum" : [ "true", "false" ] } ], "responses" : { "200" : { "description" : "Successful retrieval of violated rules list", "schema" : { "type" : "array", "items" : { "$ref" : "#/definitions/ViolatedRuleResponse" } } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/violatedrules/files" : { "get" : { "tags" : [ "Defect" ], "summary" : "Get files of a violated rule", "description" : "Obtains the list of files where the violated rule affects.", "operationId" : "getViolatedRuleFilesViaGET", "produces" : [ "application/json" ], "parameters" : [ { "name" : "application", "in" : "query", "description" : "Application name", "required" : true, "type" : "string", "x-example" : "myApp" }, { "name" : "analysisCode", "in" : "query", "description" : "Analysis code", "required" : true, "type" : "string", "x-example" : "A-7e3-16e5b1aad2a" }, { "name" : "ruleCode", "in" : "query", "description" : "Rule code", "required" : true, "type" : "string", "x-example" : "OPT.JAVA.SEC_JAVA.CrossSiteScriptingRule" } ], "responses" : { "200" : { "description" : "Successful retrieval of files with defects", "schema" : { "type" : "array", "items" : { "$ref" : "#/definitions/FileWithDefectsResponse" } } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } }, "/violatedrules/files/defects" : { "get" : { "tags" : [ "Defect" ], "summary" : "Get defects of file", "description" : "Obtains the list of defects in a file for a concrete violated rule.", "operationId" : "getViolatedRuleFileDefectsViaGET", "produces" : [ "application/json" ], "parameters" : [ { "name" : "application", "in" : "query", "description" : "Application name", "required" : true, "type" : "string", "x-example" : "myApp" }, { "name" : "analysisCode", "in" : "query", "description" : "Analysis code", "required" : true, "type" : "string", "x-example" : "A-7e3-16e5b1aad2a" }, { "name" : "ruleCode", "in" : "query", "description" : "Rule code", "required" : true, "type" : "string", "x-example" : "OPT.JAVA.SEC_JAVA.CrossSiteScriptingRule" }, { "name" : "file", "in" : "query", "description" : "File name including path", "required" : true, "type" : "string", "x-example" : "src/main/java/com/myCompany/myApp/CSRFServlet.java" } ], "responses" : { "200" : { "description" : "Successful retrieval of defect lines", "schema" : { "type" : "array", "items" : { "$ref" : "#/definitions/DefectLineResponse" } } }, "400" : { "description" : "Bad format" }, "403" : { "description" : "Access denied" }, "404" : { "description" : "Resource not found" }, "429" : { "description" : "Quota limit reached" }, "500" : { "description" : "Internal server error" } }, "security" : [ { "basicAuth" : [ ] }, { "Cookie" : [ ] } ] } } }, "securityDefinitions" : { "Cookie" : { "type" : "apiKey", "name" : "Cookie", "in" : "header" }, "basicAuth" : { "type" : "basic" } }, "definitions" : { "AccessControlConfigurationData" : { "type" : "object", "required" : [ "managementFeatures" ], "properties" : { "assignmentMode" : { "type" : "string", "example" : "OVERWRITE", "description" : "Indicates how to update the permissions. Can be ADD, DELETE or OVERWRITE.\n\nADD : The existing administrative privileges remain unchanged, and the new settings are added.\n\nDELETE : Deletes the specified privileges from the current configuration.\n\nOVERWRITE : Clears ALL existing privileges and updates them with only the parameters provided in the payload.", "enum" : [ "ADD", "DELETE", "OVERWRITE" ] }, "overrideUserGroupConfig" : { "type" : "boolean", "example" : true, "description" : "Indicates if override user group config or not", "enum" : [ true, false ] }, "managementFeatures" : { "type" : "array", "example" : "["MANAGE_APPLICATIONS","MANAGE_MODELS","VIEW_LIFE_CYCLE"]", "description" : "Management features to enable/disable. Allowed values are { MANAGE_APPLICATIONS | MANAGE_ALL_USERS | MANAGE_MODELS | MANAGE_AUDITS | MANAGE_REPORTS | VIEW_GOVERNANCE | VIEW_CODE_ANALYSIS | VIEW_CODE_SECURITY | VIEW_INSIGHTS | VIEW_LIFE_CYCLE }", "items" : { "type" : "string" } }, "portfolioRoles" : { "type" : "array", "description" : "Portfolio roles list", "items" : { "$ref" : "#/definitions/PortfolioRoleData" } }, "applicationRoles" : { "type" : "array", "description" : "Application roles list", "items" : { "$ref" : "#/definitions/ApplicationRoleData" } }, "businessValueRoles" : { "type" : "array", "description" : "Business value portofolio roles list", "items" : { "$ref" : "#/definitions/BusinessValuePortfolioRoleData" } }, "providerRoles" : { "type" : "array", "description" : "Provider portfolio roles list", "items" : { "$ref" : "#/definitions/ProviderPortfolioRoleData" } } }, "description" : "Data object to configure user Access Control" }, "ActionPlanDefectsResponse" : { "type" : "object", "properties" : { "name" : { "type" : "string", "example" : "ActionPlan1", "description" : "Action plan name" }, "description" : { "type" : "string", "example" : "Action Plan for security defects", "description" : "Action plan Description" }, "creation" : { "type" : "string", "example" : "2019-10-31T14:50:05.227Z", "description" : "Creation time" }, "expiration" : { "type" : "string", "example" : "2019-11-31T14:50:05.227Z", "description" : "Expiration time" }, "createdBy" : { "type" : "string", "example" : "The Boss", "description" : "User action plan creator" }, "assignedTo" : { "type" : "string", "example" : "John Smith", "description" : "User assigned to this action plan" }, "progress" : { "type" : "number", "format" : "double", "example" : 32.5, "description" : "Action plan progress" }, "estimate" : { "type" : "string", "example" : "1h 56m", "description" : "Total effort estimated time" }, "pendingEffort" : { "type" : "string", "example" : "30m", "description" : "Pending effort estimated time" }, "purged" : { "type" : "boolean", "example" : false, "description" : "Indicates if the action plan is purged" }, "allDefects" : { "type" : "array", "description" : "List of action plan defects", "items" : { "$ref" : "#/definitions/DefectDetailResponse" } } }, "description" : "Response object for action plan defects" }, "ActionPlanDetailResponse" : { "type" : "object", "properties" : { "name" : { "type" : "string", "example" : "ActionPlan1", "description" : "Action plan name" }, "description" : { "type" : "string", "example" : "Action Plan for security defects", "description" : "Action plan Description" }, "creation" : { "type" : "string", "example" : "2019-10-31T14:50:05.227Z", "description" : "Creation time" }, "expiration" : { "type" : "string", "example" : "2019-11-31T14:50:05.227Z", "description" : "Expiration time" }, "createdBy" : { "type" : "string", "example" : "The Boss", "description" : "User action plan creator" }, "assignedTo" : { "type" : "string", "example" : "John Smith", "description" : "User assigned to this action plan" }, "progress" : { "type" : "number", "format" : "double", "example" : 32.5, "description" : "Action plan progress" }, "estimate" : { "type" : "string", "example" : "1h 56m", "description" : "Total effort estimated time" }, "pendingEffort" : { "type" : "string", "example" : "30m", "description" : "Pending effort estimated time" }, "purged" : { "type" : "boolean", "example" : false, "description" : "Indicates if the action plan is purged" } }, "description" : "Response object for action plan details" }, "ActionPlanPendingDefectsResponse" : { "type" : "object", "properties" : { "name" : { "type" : "string", "example" : "ActionPlan1", "description" : "Action plan name" }, "description" : { "type" : "string", "example" : "Action Plan for security defects", "description" : "Action plan Description" }, "creation" : { "type" : "string", "example" : "2019-10-31T14:50:05.227Z", "description" : "Creation time" }, "expiration" : { "type" : "string", "example" : "2019-11-31T14:50:05.227Z", "description" : "Expiration time" }, "createdBy" : { "type" : "string", "example" : "The Boss", "description" : "User action plan creator" }, "assignedTo" : { "type" : "string", "example" : "John Smith", "description" : "User assigned to this action plan" }, "progress" : { "type" : "number", "format" : "double", "example" : 32.5, "description" : "Action plan progress" }, "estimate" : { "type" : "string", "example" : "1h 56m", "description" : "Total effort estimated time" }, "pendingEffort" : { "type" : "string", "example" : "30m", "description" : "Pending effort estimated time" }, "purged" : { "type" : "boolean", "example" : false, "description" : "Indicates if the action plan is purged" }, "pendingDefects" : { "type" : "array", "description" : "List of action plan pending defects", "items" : { "$ref" : "#/definitions/DefectDetailResponse" } } }, "description" : "Response object for action plan pending defects" }, "ActionPlanProgressResponse" : { "type" : "object", "properties" : { "name" : { "type" : "string", "example" : "ActionPlan1", "description" : "Action plan name" }, "description" : { "type" : "string", "example" : "Action Plan for security defects", "description" : "Action plan Description" }, "creation" : { "type" : "string", "example" : "2019-10-31T14:50:05.227Z", "description" : "Creation time" }, "expiration" : { "type" : "string", "example" : "2019-11-31T14:50:05.227Z", "description" : "Expiration time" }, "createdBy" : { "type" : "string", "example" : "The Boss", "description" : "User action plan creator" }, "assignedTo" : { "type" : "string", "example" : "John Smith", "description" : "User assigned to this action plan" }, "progress" : { "type" : "number", "format" : "double", "example" : 32.5, "description" : "Action plan progress" }, "estimate" : { "type" : "string", "example" : "1h 56m", "description" : "Total effort estimated time" }, "pendingEffort" : { "type" : "string", "example" : "30m", "description" : "Pending effort estimated time" }, "purged" : { "type" : "boolean", "example" : false, "description" : "Indicates if the action plan is purged" }, "riskIndexBefore" : { "type" : "number", "format" : "double", "example" : 19.22, "description" : "Risk index before action plan" }, "globalIndicatorBefore" : { "type" : "number", "format" : "double", "example" : 7.21, "description" : "Global indicator before action plan" }, "effortToTargetBefore" : { "type" : "number", "format" : "double", "example" : 31.8, "description" : "Effort to target before action plan" }, "qualityIndicatorsBefore" : { "type" : "object", "example" : "{"Efficiency":53.21, "Portability":72.9, "Maintainability":21.9, "Reliability":13.12, "Security":38.32 }", "description" : "Map of quality indicators before action plan", "additionalProperties" : { "type" : "number", "format" : "double" } }, "riskIndexAfter" : { "type" : "number", "format" : "double", "example" : 9.3, "description" : "Risk index after action plan" }, "globalIndicatorAfter" : { "type" : "number", "format" : "double", "example" : 23.5, "description" : "Global indicator after action plan" }, "effortToTargetAfter" : { "type" : "number", "format" : "double", "example" : 8.23, "description" : "Effort to target after action plan" }, "qualityIndicatorsAfter" : { "type" : "object", "example" : "{"Efficiency":15.28, "Portability":7.23, "Maintainability":71.1, "Reliability":31.2, "Security":23.21 }", "description" : "Map of quality indicators after action plan", "additionalProperties" : { "type" : "number", "format" : "double" } }, "metrics" : { "type" : "object", "description" : "Map of action plan metrics", "additionalProperties" : { "type" : "number", "format" : "double" } } }, "description" : "Response object for action plan in progress" }, "ActionPlanRemovedDefectsResponse" : { "type" : "object", "properties" : { "name" : { "type" : "string", "example" : "ActionPlan1", "description" : "Action plan name" }, "description" : { "type" : "string", "example" : "Action Plan for security defects", "description" : "Action plan Description" }, "creation" : { "type" : "string", "example" : "2019-10-31T14:50:05.227Z", "description" : "Creation time" }, "expiration" : { "type" : "string", "example" : "2019-11-31T14:50:05.227Z", "description" : "Expiration time" }, "createdBy" : { "type" : "string", "example" : "The Boss", "description" : "User action plan creator" }, "assignedTo" : { "type" : "string", "example" : "John Smith", "description" : "User assigned to this action plan" }, "progress" : { "type" : "number", "format" : "double", "example" : 32.5, "description" : "Action plan progress" }, "estimate" : { "type" : "string", "example" : "1h 56m", "description" : "Total effort estimated time" }, "pendingEffort" : { "type" : "string", "example" : "30m", "description" : "Pending effort estimated time" }, "purged" : { "type" : "boolean", "example" : false, "description" : "Indicates if the action plan is purged" }, "removedDefects" : { "type" : "array", "description" : "List of action plan removed defects", "items" : { "$ref" : "#/definitions/DefectDetailResponse" } } }, "description" : "Response object for action plan removed defects" }, "ActivitiesResponse" : { "type" : "object", "properties" : { "action" : { "type" : "string", "example" : "CREATE", "description" : "Activity action" }, "user" : { "type" : "string", "example" : "user", "description" : "User which did the activity" }, "date" : { "type" : "string", "example" : "2019-11-23T12:22:34Z", "description" : "Activity date" }, "elementType" : { "type" : "string", "example" : "Analysis KLA", "description" : "Activity type" }, "description" : { "type" : "string", "example" : "The user \"username\" logged in", "description" : "Activity description" }, "affectedItems" : { "type" : "array", "description" : "Affected elements by the activity", "items" : { "$ref" : "#/definitions/AffectedItemData" } } } }, "ActivityResponse" : { "type" : "object", "properties" : { "totalResults" : { "type" : "integer", "format" : "int32", "example" : 1, "description" : "Total results" }, "itemsPerPage" : { "type" : "integer", "format" : "int32", "example" : 10, "description" : "Items per page" }, "startIndex" : { "type" : "integer", "format" : "int32", "example" : 1, "description" : "Start index" }, "activity" : { "type" : "array", "description" : "Activities list", "items" : { "$ref" : "#/definitions/ActivitiesResponse" } } } }, "AffectedItemData" : { "type" : "object", "properties" : { "type" : { "type" : "string", "example" : "Application", "description" : "Affected item type" }, "value" : { "type" : "string", "example" : "myAppName", "description" : "Affected item value" }, "oldValue" : { "type" : "string", "example" : "myOldAppName", "description" : "Affected item old value" } } }, "AffectedVersionsData" : { "type" : "object", "properties" : { "fixedVersion" : { "type" : "string", "example" : "1.0.0", "description" : "If affected version is a fixed version. One of these two fields 'fixedVersion' or 'initialVersion' is required" }, "initialVersion" : { "type" : "string", "example" : "2.0.0", "description" : "If affected versions is a range of versions this is the initial version. One of these two fields 'fixedVersion' or 'initialVersion' is required" }, "endVersion" : { "type" : "string", "example" : "3.0.0", "description" : "If affected versions is a range of versions this is the end version. If this field is not provided and the affected versions is a range then all versions geather than inital versions will be considered affected" }, "includeInitialVersion" : { "type" : "boolean", "example" : true, "description" : "If initial version is included or not" }, "includeEndVersion" : { "type" : "boolean", "example" : true, "description" : "If end version is included or not" } }, "description" : "Data object for Affected Versions" }, "AnalysisDefectsResponse" : { "type" : "object", "properties" : { "name" : { "type" : "string", "example" : "android", "description" : "Application name" }, "description" : { "type" : "string", "example" : "GitHub Android App", "description" : "Application description" }, "auditName" : { "type" : "string", "example" : "Kiuwan default audit", "description" : "Application audit name" }, "applicationBusinessValue" : { "type" : "string", "example" : "CRITICAL", "description" : "Application business value", "enum" : [ "VERY LOW", "LOW", "MEDIUM", "HIGH", "CRITICAL" ] }, "applicationProvider" : { "type" : "string", "example" : "Lab", "description" : "Application provider" }, "applicationPortfolios" : { "type" : "object", "example" : "{ "country": "spain" }", "description" : "Map of application portfolios", "additionalProperties" : { "type" : "string" } }, "creationDate" : { "type" : "string", "example" : "2020-07-22T15:34:53Z", "description" : "Date of initial analysis" }, "label" : { "type" : "string", "example" : "14.10.2019_1", "description" : "Analysis label" }, "date" : { "type" : "string", "example" : "2019-10-14T15:15:15Z", "description" : "Analysis creation date" }, "modelId" : { "type" : "integer", "format" : "int64", "example" : 6252, "description" : "Analysis model identifier" }, "encoding" : { "type" : "string", "example" : "UTF-8", "description" : "Analysis encoding" }, "analysisCode" : { "type" : "string", "example" : "A-ZBA-234820349", "description" : "Analysis code" }, "analysisURL" : { "type" : "string", "example" : "https://www.kiuwan.com/saas/web/dashboard/dashboard#$pe=application$sei=2401$mi=dashboard$ac=A-ZBA-234820349", "description" : "Kiuwan link to view the analysis detail" }, "auditResultURL" : { "type" : "string", "description" : "Kiuwan link to view the audit result of the analisys" }, "analysisBusinessValue" : { "type" : "string", "example" : "CRITICAL", "description" : "Analysis business value", "enum" : [ "VERY LOW", "LOW", "MEDIUM", "HIGH", "CRITICAL" ] }, "analysisProvider" : { "type" : "string", "example" : "Lab", "description" : "Analysis provider" }, "analysisPortfolios" : { "type" : "object", "example" : "{ "country": "spain" }", "description" : "Map of analysis portfolios", "additionalProperties" : { "type" : "string" } }, "analysisStatus" : { "type" : "string", "example" : "FINISHED", "description" : "Analysis status", "enum" : [ "EXECUTING", "FINISHED", "FINISHED_WITH_ERROR" ] }, "languages" : { "type" : "array", "description" : "Languages metric list", "items" : { "$ref" : "#/definitions/MetricValueData" } }, "architecture" : { "description" : "Architecture detail", "$ref" : "#/definitions/MetadataArchitectureData" }, "insightsData" : { "description" : "Insights metadata", "$ref" : "#/definitions/MetadataInsightsData" }, "unparsedFiles" : { "type" : "array", "description" : "Unparsed Files", "items" : { "$ref" : "#/definitions/UnparsedFileData" } }, "defects_count" : { "type" : "integer", "format" : "int32", "example" : 581, "description" : "Defects count" }, "activeDefects_count" : { "type" : "integer", "format" : "int32", "example" : 575, "description" : "Active defects count" }, "supressedDefects_count" : { "type" : "integer", "format" : "int32", "example" : 6, "description" : "Supressed defects count" }, "count" : { "type" : "integer", "format" : "int32", "example" : 500, "description" : "Number of defects in this response" }, "page" : { "type" : "integer", "format" : "int32", "example" : 1, "description" : "Page number" }, "defects" : { "type" : "array", "description" : "Defects detail list", "items" : { "$ref" : "#/definitions/DefectDetailResponse" } }, "lastSuccessfulBaseline" : { "example" : "{\"baselineDate\": \"2020-08-04T07:21:29Z\",\n \"baselineLabel\": \"baseline_2020\",\n \"analysisCode\": \"A-7e4-173b85b415d\"}", "description" : "last Baseline Analysis Summary", "$ref" : "#/definitions/AnalysisResponse" }, "lastSuccessfulDelivery" : { "example" : "{ \"deliveryDate\": \"2020-08-05T07:56:29Z\",\n \"changeRequest\": \"CR_123\",\n \"branchName\": \"master\",\n \"deliveryLabel\": \"delivery_2020\",\n \"type\": \"complete\",\n \"analysisCode\": \"A-7e5-273c8db761a\"}", "description" : "last successful delivery", "$ref" : "#/definitions/AnalysisResponse" }, "quality_model" : { "type" : "string", "example" : "CQM", "description" : "Application quality model name" }, "ordered_by" : { "type" : "string", "example" : "github software", "description" : "Analysis user invoker" }, "Risk index" : { "description" : "Risk index metric", "$ref" : "#/definitions/MetricValueData" }, "Quality indicator" : { "description" : "Quality indicator metric", "$ref" : "#/definitions/MetricValueData" }, "Effort to target" : { "description" : "Effort to target metric", "$ref" : "#/definitions/MetricValueData" }, "Main metrics" : { "type" : "array", "description" : "Main metrics list", "items" : { "$ref" : "#/definitions/MetricValueData" } }, "Security" : { "type" : "object", "example" : "{ "Rating": 1, {"3Stars":104.6,"5Stars":255.9,"2Stars":64.89,"4Stars":247.4}", "description" : "Map of security metrics", "readOnly" : true, "additionalProperties" : { "type" : "object" } } }, "description" : "Response object for Analysis Defects" }, "AnalysisFilesResponse" : { "type" : "object", "properties" : { "name" : { "type" : "string", "example" : "android", "description" : "Application name" }, "description" : { "type" : "string", "example" : "GitHub Android App", "description" : "Application description" }, "auditName" : { "type" : "string", "example" : "Kiuwan default audit", "description" : "Application audit name" }, "applicationBusinessValue" : { "type" : "string", "example" : "CRITICAL", "description" : "Application business value", "enum" : [ "VERY LOW", "LOW", "MEDIUM", "HIGH", "CRITICAL" ] }, "applicationProvider" : { "type" : "string", "example" : "Lab", "description" : "Application provider" }, "applicationPortfolios" : { "type" : "object", "example" : "{ "country": "spain" }", "description" : "Map of application portfolios", "additionalProperties" : { "type" : "string" } }, "creationDate" : { "type" : "string", "example" : "2020-07-22T15:34:53Z", "description" : "Date of initial analysis" }, "label" : { "type" : "string", "example" : "14.10.2019_1", "description" : "Analysis label" }, "date" : { "type" : "string", "example" : "2019-10-14T15:15:15Z", "description" : "Analysis creation date" }, "modelId" : { "type" : "integer", "format" : "int64", "example" : 6252, "description" : "Analysis model identifier" }, "encoding" : { "type" : "string", "example" : "UTF-8", "description" : "Analysis encoding" }, "analysisCode" : { "type" : "string", "example" : "A-ZBA-234820349", "description" : "Analysis code" }, "analysisURL" : { "type" : "string", "example" : "https://www.kiuwan.com/saas/web/dashboard/dashboard#$pe=application$sei=2401$mi=dashboard$ac=A-ZBA-234820349", "description" : "Kiuwan link to view the analysis detail" }, "auditResultURL" : { "type" : "string", "description" : "Kiuwan link to view the audit result of the analisys" }, "analysisBusinessValue" : { "type" : "string", "example" : "CRITICAL", "description" : "Analysis business value", "enum" : [ "VERY LOW", "LOW", "MEDIUM", "HIGH", "CRITICAL" ] }, "analysisProvider" : { "type" : "string", "example" : "Lab", "description" : "Analysis provider" }, "analysisPortfolios" : { "type" : "object", "example" : "{ "country": "spain" }", "description" : "Map of analysis portfolios", "additionalProperties" : { "type" : "string" } }, "analysisStatus" : { "type" : "string", "example" : "FINISHED", "description" : "Analysis status", "enum" : [ "EXECUTING", "FINISHED", "FINISHED_WITH_ERROR" ] }, "languages" : { "type" : "array", "description" : "Languages metric list", "items" : { "$ref" : "#/definitions/MetricValueData" } }, "architecture" : { "description" : "Architecture detail", "$ref" : "#/definitions/MetadataArchitectureData" }, "insightsData" : { "description" : "Insights metadata", "$ref" : "#/definitions/MetadataInsightsData" }, "unparsedFiles" : { "type" : "array", "description" : "Unparsed Files", "items" : { "$ref" : "#/definitions/UnparsedFileData" } }, "files_count" : { "type" : "integer", "format" : "int32", "example" : 124, "description" : "Number of files" }, "count" : { "type" : "integer", "format" : "int32", "example" : 100, "description" : "Number of files in this response" }, "page" : { "type" : "integer", "format" : "int32", "example" : 1, "description" : "Page number" }, "files" : { "type" : "array", "description" : "Files list", "items" : { "$ref" : "#/definitions/FileData" } }, "lastSuccessfulBaseline" : { "example" : "{\"baselineDate\": \"2020-08-04T07:21:29Z\",\n \"baselineLabel\": \"baseline_2020\",\n \"analysisCode\": \"A-7e4-173b85b415d\"}", "description" : "last Baseline Analysis Summary", "$ref" : "#/definitions/AnalysisResponse" }, "lastSuccessfulDelivery" : { "example" : "{ \"deliveryDate\": \"2020-08-05T07:56:29Z\",\n \"changeRequest\": \"CR_123\",\n \"branchName\": \"master\",\n \"deliveryLabel\": \"delivery_2020\",\n \"type\": \"complete\",\n \"analysisCode\": \"A-7e5-273c8db761a\"}", "description" : "last successful delivery", "$ref" : "#/definitions/AnalysisResponse" }, "quality_model" : { "type" : "string", "example" : "CQM", "description" : "Application quality model name" }, "ordered_by" : { "type" : "string", "example" : "github software", "description" : "Analysis user invoker" }, "Risk index" : { "description" : "Risk index metric", "$ref" : "#/definitions/MetricValueData" }, "Quality indicator" : { "description" : "Quality indicator metric", "$ref" : "#/definitions/MetricValueData" }, "Effort to target" : { "description" : "Effort to target metric", "$ref" : "#/definitions/MetricValueData" }, "Main metrics" : { "type" : "array", "description" : "Main metrics list", "items" : { "$ref" : "#/definitions/MetricValueData" } }, "Security" : { "type" : "object", "example" : "{ "Rating": 1, {"3Stars":104.6,"5Stars":255.9,"2Stars":64.89,"4Stars":247.4}", "description" : "Map of security metrics", "readOnly" : true, "additionalProperties" : { "type" : "object" } } }, "description" : "Response object for Analysis Files" }, "AnalysisResponse" : { "type" : "object", "properties" : { "code" : { "type" : "string", "example" : "A-7e3-16dc9e29131", "description" : "Analysis code" }, "label" : { "type" : "string", "example" : "14.10.2019_1", "description" : "Analysis label" }, "creationDate" : { "type" : "string", "example" : "2019-10-14T15:15:15Z", "description" : "Analysis creation date" }, "qualityModel" : { "type" : "string", "example" : "CQM", "description" : "Quality model" }, "modelId" : { "type" : "string", "description" : "Model indentifier" }, "encoding" : { "type" : "string", "example" : "UTF-8", "description" : "Analysis enconding" }, "invoker" : { "type" : "string", "example" : "github software", "description" : "Analysis user invoker" }, "status" : { "type" : "string", "example" : "RUNNING", "description" : "Analysis status", "enum" : [ "INQUEUE", "FAIL", "SUCCESS", "RUNNING" ] }, "errorCode" : { "type" : "string", "description" : "Analysis error code" }, "unparsedFiles" : { "type" : "array", "description" : "Unparsed files list", "items" : { "$ref" : "#/definitions/UnparsedFileData" } }, "analysisScope" : { "type" : "string", "example" : "Baseline", "description" : "Analysis scope", "enum" : [ "Baseline", "Complete delivery", "Partial delivery" ] }, "changeRequest" : { "type" : "string", "example" : "CR_14-10-2019_1", "description" : "Delivery change request" }, "changeRequestStatus" : { "type" : "string", "example" : "Resolved", "description" : "Change request status", "enum" : [ "Resolved", "In progress" ] }, "branchName" : { "type" : "string", "example" : "master", "description" : "Delivery branch name" }, "auditResult" : { "type" : "string", "example" : "FAIL", "description" : "Delivery audit result" }, "analysisBusinessValue" : { "type" : "string", "example" : "CRITICAL", "description" : "Analysis business value", "enum" : [ "VERY LOW", "LOW", "MEDIUM", "HIGH", "CRITICAL" ] }, "analysisProvider" : { "type" : "string", "example" : "Lab", "description" : "Analysis provider" }, "analysisPortfolios" : { "type" : "object", "example" : "{ "country": "spain" }", "description" : "Map of analysis portfolios", "additionalProperties" : { "type" : "object" } }, "metrics" : { "type" : "object", "example" : "{"com.optimyth.CQM.defectsByPriority.Priority 1": 163,"com.optimyth.CQM.defectsByPriority.Priority 2": 201,"com.optimyth.CQM.defectsByPriority.Priority 3": 159,"com.optimyth.CQM.defectsByPriority.Priority 4": 17,"com.optimyth.CQM.defectsByPriority.Priority 5": 41}", "description" : "Map of analysis metrics", "additionalProperties" : { "type" : "number", "format" : "double" } } }, "description" : "Response object for Analysis" }, "AnalysisResultResponse" : { "type" : "object", "properties" : { "name" : { "type" : "string", "example" : "android", "description" : "Application name" }, "description" : { "type" : "string", "example" : "GitHub Android App", "description" : "Application description" }, "auditName" : { "type" : "string", "example" : "Kiuwan default audit", "description" : "Application audit name" }, "applicationBusinessValue" : { "type" : "string", "example" : "CRITICAL", "description" : "Application business value", "enum" : [ "VERY LOW", "LOW", "MEDIUM", "HIGH", "CRITICAL" ] }, "applicationProvider" : { "type" : "string", "example" : "Lab", "description" : "Application provider" }, "applicationPortfolios" : { "type" : "object", "example" : "{ "country": "spain" }", "description" : "Map of application portfolios", "additionalProperties" : { "type" : "string" } }, "creationDate" : { "type" : "string", "example" : "2020-07-22T15:34:53Z", "description" : "Date of initial analysis" }, "label" : { "type" : "string", "example" : "14.10.2019_1", "description" : "Analysis label" }, "date" : { "type" : "string", "example" : "2019-10-14T15:15:15Z", "description" : "Analysis creation date" }, "modelId" : { "type" : "integer", "format" : "int64", "example" : 6252, "description" : "Analysis model identifier" }, "encoding" : { "type" : "string", "example" : "UTF-8", "description" : "Analysis encoding" }, "analysisCode" : { "type" : "string", "example" : "A-ZBA-234820349", "description" : "Analysis code" }, "analysisURL" : { "type" : "string", "example" : "https://www.kiuwan.com/saas/web/dashboard/dashboard#$pe=application$sei=2401$mi=dashboard$ac=A-ZBA-234820349", "description" : "Kiuwan link to view the analysis detail" }, "auditResultURL" : { "type" : "string", "description" : "Kiuwan link to view the audit result of the analisys" }, "analysisBusinessValue" : { "type" : "string", "example" : "CRITICAL", "description" : "Analysis business value", "enum" : [ "VERY LOW", "LOW", "MEDIUM", "HIGH", "CRITICAL" ] }, "analysisProvider" : { "type" : "string", "example" : "Lab", "description" : "Analysis provider" }, "analysisPortfolios" : { "type" : "object", "example" : "{ "country": "spain" }", "description" : "Map of analysis portfolios", "additionalProperties" : { "type" : "string" } }, "analysisStatus" : { "type" : "string", "example" : "FINISHED", "description" : "Analysis status", "enum" : [ "EXECUTING", "FINISHED", "FINISHED_WITH_ERROR" ] }, "languages" : { "type" : "array", "description" : "Languages metric list", "items" : { "$ref" : "#/definitions/MetricValueData" } }, "architecture" : { "description" : "Architecture detail", "$ref" : "#/definitions/MetadataArchitectureData" }, "insightsData" : { "description" : "Insights metadata", "$ref" : "#/definitions/MetadataInsightsData" }, "unparsedFiles" : { "type" : "array", "description" : "Unparsed files", "items" : { "$ref" : "#/definitions/UnparsedFileData" } }, "analysisScope" : { "type" : "string", "example" : "Complete delivery", "description" : "Analysis scope", "enum" : [ "Baseline", "Complete delivery", "Partial delivery" ] }, "changeRequest" : { "type" : "string", "example" : "CR_13.01.2020", "description" : "Delivery change request" }, "changeRequestStatus" : { "type" : "string", "example" : "Resolved", "description" : "Delivery change request status", "enum" : [ "Resolved", "In progress" ] }, "branchName" : { "type" : "string", "example" : "master", "description" : "Delivery branch name" }, "baselineAnalysisCode" : { "type" : "string", "example" : "A-7e3-16dc9e29131", "description" : "Baseline analysis code" }, "deliveryFiles" : { "description" : "Delivery files detail", "$ref" : "#/definitions/DeliveryFilesData" }, "deliveryDefects" : { "description" : "Delivery defects", "$ref" : "#/definitions/DeliveryDefectsData" }, "auditResult" : { "description" : "Delivery audit result detail", "$ref" : "#/definitions/AuditAnalysisResultResponse" }, "lastSuccessfulBaseline" : { "example" : "{\"baselineDate\": \"2020-08-04T07:21:29Z\",\n \"baselineLabel\": \"baseline_2020\",\n \"analysisCode\": \"A-7e4-173b85b415d\"}", "description" : "last Baseline Analysis Summary", "$ref" : "#/definitions/AnalysisResponse" }, "lastSuccessfulDelivery" : { "example" : "{ \"deliveryDate\": \"2020-08-05T07:56:29Z\",\n \"changeRequest\": \"CR_123\",\n \"branchName\": \"master\",\n \"deliveryLabel\": \"delivery_2020\",\n \"type\": \"complete\",\n \"analysisCode\": \"A-7e5-273c8db761a\"}", "description" : "last successful delivery", "$ref" : "#/definitions/AnalysisResponse" }, "quality_model" : { "type" : "string", "example" : "CQM", "description" : "Application quality model name" }, "ordered_by" : { "type" : "string", "example" : "github software", "description" : "Analysis user invoker" }, "Risk index" : { "description" : "Risk index metric", "$ref" : "#/definitions/MetricValueData" }, "Quality indicator" : { "description" : "Quality indicator metric", "$ref" : "#/definitions/MetricValueData" }, "Effort to target" : { "description" : "Effort to target metric", "$ref" : "#/definitions/MetricValueData" }, "Main metrics" : { "type" : "array", "description" : "Main metrics list", "items" : { "$ref" : "#/definitions/MetricValueData" } }, "Security" : { "type" : "object", "example" : "{ "Rating": 1, {"3Stars":104.6,"5Stars":255.9,"2Stars":64.89,"4Stars":247.4}", "description" : "Map of security metrics", "readOnly" : true, "additionalProperties" : { "type" : "object" } } }, "description" : "Response object for Analysis Result" }, "AnalysisSearchResponse" : { "type" : "object", "properties" : { "applicationName" : { "type" : "string", "example" : "myApp", "description" : "Application name of this analysis" }, "code" : { "type" : "string", "example" : "A-7e3-16dc9e29131", "description" : "Analysis code" }, "label" : { "type" : "string", "example" : "14.10.2019_1", "description" : "Analysis label" }, "creationDate" : { "type" : "string", "example" : "2019-10-14T15:15:15Z", "description" : "Analysis creation date" }, "qualityModel" : { "type" : "string", "example" : "CQM", "description" : "Quality model" }, "modelId" : { "type" : "string", "description" : "Model indentifier" }, "encoding" : { "type" : "string", "example" : "UTF-8", "description" : "Analysis enconding" }, "invoker" : { "type" : "string", "example" : "github software", "description" : "Analysis user invoker" }, "status" : { "type" : "string", "example" : "RUNNING", "description" : "Analysis status" }, "errorCode" : { "type" : "string", "description" : "Analysis error code" }, "unparsedFiles" : { "type" : "array", "description" : "Unparsed files list", "items" : { "$ref" : "#/definitions/UnparsedFileData" } }, "analysisScope" : { "type" : "string", "example" : "Baseline", "description" : "Analysis scope" }, "changeRequest" : { "type" : "string", "example" : "CR_14-10-2019_1", "description" : "Delivery change request" }, "changeRequestStatus" : { "type" : "string", "example" : "Resolved", "description" : "Change request status" }, "branchName" : { "type" : "string", "example" : "master", "description" : "Delivery branch name" }, "auditResult" : { "type" : "string", "example" : "FAIL", "description" : "Delivery audit result" }, "analysisBusinessValue" : { "type" : "string", "example" : "CRITICAL", "description" : "Analysis business value" }, "analysisProvider" : { "type" : "string", "example" : "Lab", "description" : "Analysis provider" }, "analysisPortfolios" : { "type" : "object", "example" : "{ "country": "spain" }", "description" : "Map of analysis portfolios", "additionalProperties" : { "type" : "object" } }, "analyzedFolder" : { "type" : "string", "example" : "user/sample_project/src", "description" : "Folder path that was analyzed" }, "metrics" : { "type" : "object", "example" : "{"com.optimyth.CQM.defectsByPriority.Priority 1": 163,"com.optimyth.CQM.defectsByPriority.Priority 2": 201,"com.optimyth.CQM.defectsByPriority.Priority 3": 159,"com.optimyth.CQM.defectsByPriority.Priority 4": 17,"com.optimyth.CQM.defectsByPriority.Priority 5": 41}", "description" : "Map of analysis metrics", "additionalProperties" : { "type" : "object" } } }, "description" : "Response object for Analysis Search" }, "ApplicationAnalysisResponse" : { "type" : "object", "properties" : { "name" : { "type" : "string", "example" : "android", "description" : "Application name" }, "description" : { "type" : "string", "example" : "GitHub Android App", "description" : "Application description" }, "auditName" : { "type" : "string", "example" : "Kiuwan default audit", "description" : "Application audit name" }, "applicationBusinessValue" : { "type" : "string", "example" : "CRITICAL", "description" : "Application business value", "enum" : [ "VERY LOW", "LOW", "MEDIUM", "HIGH", "CRITICAL" ] }, "applicationProvider" : { "type" : "string", "example" : "Lab", "description" : "Application provider" }, "applicationPortfolios" : { "type" : "object", "example" : "{ "country": "spain" }", "description" : "Map of application portfolios", "additionalProperties" : { "type" : "string" } }, "creationDate" : { "type" : "string", "example" : "2020-07-22T15:34:53Z", "description" : "Date of initial analysis" }, "label" : { "type" : "string", "example" : "14.10.2019_1", "description" : "Analysis label" }, "date" : { "type" : "string", "example" : "2019-10-14T15:15:15Z", "description" : "Analysis creation date" }, "modelId" : { "type" : "integer", "format" : "int64", "example" : 6252, "description" : "Analysis model identifier" }, "encoding" : { "type" : "string", "example" : "UTF-8", "description" : "Analysis encoding" }, "analysisCode" : { "type" : "string", "example" : "A-ZBA-234820349", "description" : "Analysis code" }, "analysisURL" : { "type" : "string", "example" : "https://www.kiuwan.com/saas/web/dashboard/dashboard#$pe=application$sei=2401$mi=dashboard$ac=A-ZBA-234820349", "description" : "Kiuwan link to view the analysis detail" }, "auditResultURL" : { "type" : "string", "description" : "Kiuwan link to view the audit result of the analisys" }, "analysisBusinessValue" : { "type" : "string", "example" : "CRITICAL", "description" : "Analysis business value", "enum" : [ "VERY LOW", "LOW", "MEDIUM", "HIGH", "CRITICAL" ] }, "analysisProvider" : { "type" : "string", "example" : "Lab", "description" : "Analysis provider" }, "analysisPortfolios" : { "type" : "object", "example" : "{ "country": "spain" }", "description" : "Map of analysis portfolios", "additionalProperties" : { "type" : "string" } }, "analysisStatus" : { "type" : "string", "example" : "FINISHED", "description" : "Analysis status", "enum" : [ "EXECUTING", "FINISHED", "FINISHED_WITH_ERROR" ] }, "languages" : { "type" : "array", "description" : "Languages metric list", "items" : { "$ref" : "#/definitions/MetricValueData" } }, "architecture" : { "description" : "Architecture detail", "$ref" : "#/definitions/MetadataArchitectureData" }, "insightsData" : { "description" : "Insights metadata", "$ref" : "#/definitions/MetadataInsightsData" }, "unparsedFiles" : { "type" : "array", "description" : "Unparsed Files", "items" : { "$ref" : "#/definitions/UnparsedFileData" } }, "lastSuccessfulBaseline" : { "example" : "{\"baselineDate\": \"2020-08-04T07:21:29Z\",\n \"baselineLabel\": \"baseline_2020\",\n \"analysisCode\": \"A-7e4-173b85b415d\"}", "description" : "last Baseline Analysis Summary", "$ref" : "#/definitions/AnalysisResponse" }, "lastSuccessfulDelivery" : { "example" : "{ \"deliveryDate\": \"2020-08-05T07:56:29Z\",\n \"changeRequest\": \"CR_123\",\n \"branchName\": \"master\",\n \"deliveryLabel\": \"delivery_2020\",\n \"type\": \"complete\",\n \"analysisCode\": \"A-7e5-273c8db761a\"}", "description" : "last successful delivery", "$ref" : "#/definitions/AnalysisResponse" }, "quality_model" : { "type" : "string", "example" : "CQM", "description" : "Application quality model name" }, "ordered_by" : { "type" : "string", "example" : "github software", "description" : "Analysis user invoker" }, "Risk index" : { "description" : "Risk index metric", "$ref" : "#/definitions/MetricValueData" }, "Quality indicator" : { "description" : "Quality indicator metric", "$ref" : "#/definitions/MetricValueData" }, "Effort to target" : { "description" : "Effort to target metric", "$ref" : "#/definitions/MetricValueData" }, "Main metrics" : { "type" : "array", "description" : "Main metrics list", "items" : { "$ref" : "#/definitions/MetricValueData" } }, "Security" : { "type" : "object", "example" : "{ "Rating": 1, {"3Stars":104.6,"5Stars":255.9,"2Stars":64.89,"4Stars":247.4}", "description" : "Map of security metrics", "readOnly" : true, "additionalProperties" : { "type" : "object" } } }, "description" : "Response object for Application and Analysis details" }, "ApplicationManagementRequest" : { "type" : "object", "required" : [ "name" ], "properties" : { "name" : { "type" : "string", "example" : "myApp", "description" : "Application name" }, "model" : { "type" : "string", "example" : "CQM", "description" : "Application model name" }, "description" : { "type" : "string", "example" : "GitHub Android App", "description" : "Application description" }, "portfolios" : { "type" : "array", "description" : "Application portfolios list", "items" : { "$ref" : "#/definitions/PortfolioData" } }, "targets" : { "type" : "object", "description" : "Application targets map", "additionalProperties" : { "type" : "number", "format" : "double" } }, "newName" : { "type" : "string", "example" : "myNewApp", "description" : "New application name" }, "businessValue" : { "type" : "string", "example" : "CRITICAL", "description" : "Application business value", "enum" : [ "VERY LOW", "LOW", "MEDIUM", "HIGH", "CRITICAL" ] }, "provider" : { "type" : "string", "example" : "Lab", "description" : "Application provider" }, "modelId" : { "type" : "integer", "format" : "int64", "example" : 1243, "description" : "Application model identifier" }, "newModelId" : { "type" : "integer", "format" : "int64", "example" : 1345, "description" : "New model identifier" }, "forceModel" : { "type" : "boolean", "example" : true, "description" : "Force model", "enum" : [ true, false ] }, "sourceCodeUpload" : { "type" : "boolean", "example" : true, "description" : "Source code upload", "enum" : [ true, false ] }, "audit" : { "type" : "string", "example" : "true", "description" : "Audit" } }, "description" : "Request object for Application Management" }, "ApplicationPermissionsData" : { "type" : "object", "properties" : { "applicationName" : { "type" : "string", "example" : "myApp", "description" : "Application name" }, "roleName" : { "type" : "string", "example" : "None", "description" : "Name of the role assigned to user" }, "override" : { "type" : "boolean", "example" : true, "description" : "Indicates if override the configuration or not", "enum" : [ true, false ] }, "deleteActionPlans" : { "type" : "boolean", "example" : true, "description" : "If the user can delete action plan for this application" }, "deleteAnalysis" : { "type" : "boolean", "example" : true, "description" : "If the user can delete analysis for this application" }, "deleteDeliveries" : { "type" : "boolean", "example" : true, "description" : "If the user can delete deliveries for this application" }, "executeAnalysis" : { "type" : "boolean", "example" : true, "description" : "If the user can execute analysis for this application" }, "executeDeliveries" : { "type" : "boolean", "example" : true, "description" : "If the user can execute deliveries plan for this application" }, "exportActionPlansJira" : { "type" : "boolean", "example" : true, "description" : "If the user can export action plan to JIRA for this application" }, "muteDefects" : { "type" : "boolean", "example" : true, "description" : "If the user can mute defects for this application" }, "changeDefectStatus" : { "type" : "boolean", "example" : true, "description" : "If the user can change the status of a defect in this application" }, "saveActionPlans" : { "type" : "boolean", "example" : true, "description" : "If the user can save action plan for this application" }, "viewApplicationData" : { "type" : "boolean", "example" : true, "description" : "If the user can see application data for this application" }, "viewDeliveries" : { "type" : "boolean", "example" : true, "description" : "If the user can see deliveries for this application" } }, "description" : "Response object for Application Permissions" }, "ApplicationResponse" : { "type" : "object", "properties" : { "name" : { "type" : "string", "example" : "android", "description" : "Application name" }, "description" : { "type" : "string", "example" : "GitHub Android App", "description" : "Application description" }, "auditName" : { "type" : "string", "example" : "Kiuwan default audit", "description" : "Application audit name" }, "applicationBusinessValue" : { "type" : "string", "example" : "CRITICAL", "description" : "Application business value", "enum" : [ "VERY LOW", "LOW", "MEDIUM", "HIGH", "CRITICAL" ] }, "applicationProvider" : { "type" : "string", "example" : "Lab", "description" : "Application provider" }, "applicationPortfolios" : { "type" : "object", "example" : "{ "country": "spain" }", "description" : "Map of application portfolios", "additionalProperties" : { "type" : "string" } }, "creationDate" : { "type" : "string", "example" : "2020-07-22T15:34:53Z", "description" : "Date of initial analysis" }, "lastSuccessfulBaseline" : { "example" : "{\"baselineDate\": \"2020-08-04T07:21:29Z\",\n \"baselineLabel\": \"baseline_2020\",\n \"analysisCode\": \"A-7e4-173b85b415d\"}", "description" : "last Baseline Analysis Summary", "$ref" : "#/definitions/AnalysisResponse" }, "lastSuccessfulDelivery" : { "example" : "{ \"deliveryDate\": \"2020-08-05T07:56:29Z\",\n \"changeRequest\": \"CR_123\",\n \"branchName\": \"master\",\n \"deliveryLabel\": \"delivery_2020\",\n \"type\": \"complete\",\n \"analysisCode\": \"A-7e5-273c8db761a\"}", "description" : "last successful delivery", "$ref" : "#/definitions/AnalysisResponse" }, "quality_model" : { "type" : "string", "example" : "CQM", "description" : "Application quality model name" } }, "description" : "Response object for Application" }, "ApplicationRoleData" : { "type" : "object", "properties" : { "name" : { "type" : "string", "example" : "ApplicationInJapan", "description" : "Application name" }, "roleName" : { "type" : "string", "example" : "None", "description" : "Name of the role to assign" }, "override" : { "type" : "boolean", "example" : true, "description" : "Indicates if override the configuration or not", "enum" : [ true, false ] } }, "description" : "Data object for Application Role" }, "ApplicationsComponentsResponse" : { "type" : "object", "properties" : { "application" : { "description" : "Application detail", "$ref" : "#/definitions/ApplicationResponse" }, "component" : { "description" : "Component detail", "$ref" : "#/definitions/ComponentSimpleRestData" } } }, "ArtifactLicensesData" : { "type" : "object", "required" : [ "artifact", "language", "spdxids", "version" ], "properties" : { "group" : { "type" : "string", "example" : "org.springframework", "description" : "Artifact Group" }, "artifact" : { "type" : "string", "example" : "spring-aop", "description" : "Artifact name" }, "language" : { "type" : "string", "example" : "java", "description" : "Artifact Language" }, "version" : { "type" : "string", "example" : "3.2.13.RELEASE", "description" : "Artifact version" }, "spdxids" : { "type" : "array", "example" : "Apache-2.0", "description" : "List of Spdxids of licenses to associate with the artifact", "items" : { "type" : "string" } } }, "description" : "Data object for Artifact Licenses" }, "AuditAnalysisResultResponse" : { "type" : "object", "properties" : { "auditName" : { "type" : "string", "example" : "Kiuwan default audit", "description" : "Audit name" }, "description" : { "type" : "string", "example" : "Default audit provided by Kiuwan. Checks if there are new defects. The audit will not pass if there are any.", "description" : "Audit description" }, "approvalThreshold" : { "type" : "number", "format" : "double", "example" : 50.0, "description" : "Audit approval threshold" }, "overallResult" : { "type" : "string", "example" : "FAIL", "description" : "Audit overall result", "enum" : [ "OK", "FAIL" ] }, "score" : { "type" : "number", "format" : "double", "example" : 0.0, "description" : "Score" }, "checkpointResults" : { "type" : "array", "description" : "List of checkpoint results", "items" : { "$ref" : "#/definitions/CheckpointResultData" } } }, "description" : "Response object for Audit Analysis Result" }, "AuditCheckpointReport" : { "type" : "object", "properties" : { "cost" : { "type" : "integer", "format" : "int32" } } }, "AuditResultResponse" : { "type" : "object", "properties" : { "analysisCode" : { "type" : "string", "example" : "A-7e3-16e5b1aad2a", "description" : "Analysis code" }, "passAudit" : { "type" : "boolean", "example" : false, "description" : "Indicates if the audit has been passed" }, "label" : { "type" : "string", "example" : "cr_21.11.2019", "description" : "Audit label" }, "creationTimestamp" : { "type" : "string", "example" : "2019-11-21T12:51:40Z", "description" : "Audit creation time" }, "metrics" : { "type" : "object", "example" : "{"com.optimyth.CQM.defectsByPriority.Priority 2": 2,"com.optimyth.CQM.defectsByPriority.Priority 3": 1}", "description" : "Audit metrics", "additionalProperties" : { "type" : "number", "format" : "double" } } }, "description" : "Response object for Audit Result" }, "AuthorizationResponse" : { "type" : "object", "properties" : { "actionCode" : { "type" : "string", "example" : "MUTE_DEFECTS", "description" : "The action code" }, "granted" : { "type" : "boolean", "example" : true, "description" : "Indicates if the action is granted or not", "enum" : [ true, false ] } }, "description" : "Response object for Authorization" }, "BusinessValuePortfolioRoleData" : { "type" : "object", "properties" : { "type" : { "type" : "string", "example" : "SYSTEM", "description" : "Portfolio type", "enum" : [ "SYSTEM" ] }, "portfolioValue" : { "type" : "string", "example" : "CRITICAL", "description" : "Portfolio value" }, "roleName" : { "type" : "string", "example" : "Readonly", "description" : "Name of the role to assign" } }, "description" : "Data object for a business value portfolio and role to assign" }, "CheckpointResultData" : { "type" : "object", "properties" : { "checkpoint" : { "type" : "string", "example" : "1", "description" : "Checkpoint" }, "result" : { "type" : "string", "example" : "FAIL", "description" : "Checkpoint result", "enum" : [ "OK", "FAIL" ] }, "name" : { "type" : "string", "example" : "No new defects", "description" : "Checkpoint name" }, "description" : { "type" : "string", "example" : "If a new defect is detected, the checkpoint will not pass.", "description" : "Checkpont decription" }, "weight" : { "type" : "integer", "format" : "int32", "example" : 1, "description" : "Weight" }, "mandatory" : { "type" : "boolean", "example" : true, "description" : "Indicates if the checkpoint is mandatory or not" }, "type" : { "type" : "string", "example" : "Threshold for maximum new defects", "description" : "Checkpoint type" }, "score" : { "type" : "number", "format" : "double", "example" : 0.0, "description" : "Checkpoint score" }, "violatedRules" : { "type" : "array", "description" : "List of violated rules", "items" : { "$ref" : "#/definitions/ViolatedRuleResponse" } } }, "description" : "Data object for Checkpoint Result" }, "ComponentDetailResponse" : { "type" : "object", "properties" : { "id" : { "type" : "integer", "format" : "int64", "example" : 23, "description" : "Identifier" }, "dn" : { "type" : "string", "example" : "app=myApp,class=com.myCompany.myApp.file.CSRFServlet", "description" : "Name identifier description" }, "name" : { "type" : "string", "example" : "com.myCompany.myApp.CSRFServlet", "description" : "Component name" }, "type" : { "type" : "string", "example" : "class", "description" : "Component type" }, "language" : { "type" : "string", "example" : "java", "description" : "Language" }, "tags" : { "type" : "array", "example" : "Security,CSRF", "description" : "Component Tags", "items" : { "type" : "object" } }, "grouptags" : { "type" : "object", "example" : "{"Servlet": "FileServlet"}", "description" : "Map of group tags", "additionalProperties" : { "type" : "string" } }, "artifacts" : { "type" : "array", "example" : "{0}/src/main/java/com/myCompany/myApp/CSRFServlet", "description" : "Artifacts list", "items" : { "type" : "object" } }, "analyzed" : { "type" : "boolean", "example" : true, "description" : "Analyzed" }, "loc" : { "type" : "number", "format" : "double", "example" : 210.0, "description" : "Lines of code" }, "quality" : { "type" : "number", "format" : "double", "description" : "Quality indicator value" }, "dupCode" : { "type" : "number", "format" : "double", "description" : "Duplicated code" }, "ccn" : { "type" : "number", "format" : "double", "example" : 15.0, "description" : "Cyclomatic complexity number" }, "effort" : { "type" : "number", "format" : "double", "description" : "Effort value" }, "groupedCount" : { "type" : "integer", "format" : "int32", "example" : 1, "description" : "Grouped count" }, "other" : { "type" : "object", "example" : "{ "componentType": "class", "j2eeType": "class", "description": "class java" }", "description" : "Map of additional properties", "additionalProperties" : { "type" : "object" } } }, "description" : "Response object for Component Details" }, "ComponentSimpleRestData" : { "type" : "object", "properties" : { "id" : { "type" : "integer", "format" : "int64", "example" : 357, "description" : "Component identifier" }, "artifact" : { "type" : "string", "example" : "org.springframework:spring-core", "description" : "Artifact name" }, "version" : { "type" : "string", "example" : "3.2.13.RELEASE", "description" : "Artifact version" }, "description" : { "type" : "string", "example" : "Spring Core", "description" : "Artifact description" }, "custom" : { "type" : "boolean", "example" : true, "description" : "If the component is custom or not" } }, "description" : "Data object for Component's basic details" }, "CustomComponentRestData" : { "type" : "object", "required" : [ "artifact", "custom", "language", "showPublicLicenses", "showPublicVulnerabilities", "version" ], "properties" : { "group" : { "type" : "string", "example" : "org.springframework", "description" : "Artifact Group" }, "artifact" : { "type" : "string", "example" : "spring-aop", "description" : "Artifact name" }, "version" : { "type" : "string", "example" : "3.2.13.RELEASE", "description" : "Artifact version" }, "language" : { "type" : "string", "example" : "java", "description" : "Artifact Language" }, "description" : { "type" : "string", "example" : "This artifact define the spring-aop", "description" : "Component description" }, "date" : { "type" : "string", "example" : "2019-08-03T10:15:30Z", "description" : "Component date" }, "custom" : { "type" : "boolean", "example" : false, "description" : "Confirm that current component is custom (true value) or may be public (false value)" }, "showPublicVulnerabilities" : { "type" : "boolean", "example" : false, "description" : "When custom is true if you want show public vulnerabilities found by Kiuwan" }, "showPublicLicenses" : { "type" : "boolean", "example" : false, "description" : "If you want show licenses found by Kiuwan" } }, "description" : "Data object for Custom Component" }, "CustomComponentSimpleRestData" : { "type" : "object", "required" : [ "artifact", "group", "language" ], "properties" : { "group" : { "type" : "string", "example" : "org.springframework", "description" : "Artifact Group " }, "artifact" : { "type" : "string", "example" : "spring-core", "description" : "Artifact name" }, "language" : { "type" : "string", "example" : "java", "description" : "Artifact Technology" }, "version" : { "type" : "string", "example" : "1.0.0", "description" : "Artifact version" } }, "description" : "Data object for Custom Component's basic details" }, "DatapathData" : { "type" : "object", "properties" : { "index" : { "type" : "integer", "format" : "int32", "example" : 1, "description" : "Datapath index" }, "kind" : { "type" : "string", "example" : "sink", "description" : "Datapath kind", "enum" : [ "assign", "call", "other", "sink", "source" ] }, "varname" : { "type" : "string", "example" : "user", "description" : "Datapath tainted variable name" }, "lineNumber" : { "type" : "integer", "format" : "int32", "example" : 32, "description" : "Line number" }, "lineText" : { "type" : "string", "example" : "\t\t\tString val = request.getParameter(item);", "description" : "Line text" }, "indirect" : { "type" : "boolean", "example" : true, "description" : "If is a indirect datapath" }, "file" : { "type" : "string", "example" : "FileSystemRepository.java", "description" : "Datapath file" }, "container" : { "type" : "string", "example" : "java.util.Map sanitizeNull(java.util.List,javax.servlet.http.HttpServletRequest)", "description" : "Container" }, "localId" : { "type" : "integer", "format" : "int32", "example" : 1, "description" : "Local id for this vulnerability" }, "localParentId" : { "type" : "integer", "format" : "int32", "example" : 1, "description" : "Parent id of this datapath" } }, "description" : "Data object for Datapath" }, "DefectDetailResponse" : { "type" : "object", "properties" : { "defectId" : { "type" : "integer", "format" : "int64", "example" : 16558118, "description" : "Defect identifier" }, "file" : { "type" : "string", "example" : "FileSystemRepository.java", "description" : "Defect file" }, "line" : { "type" : "integer", "format" : "int32", "example" : 368, "description" : "Defect line" }, "code" : { "type" : "string", "example" : "\t\t\tout.println(sql);", "description" : "Code" }, "muted" : { "type" : "boolean", "example" : false, "description" : "Indicates if the defect is muted" }, "vulnerabilityType" : { "type" : "string", "example" : "Injection", "description" : "Vulnerability type (More info in https://www.kiuwan.com/docs/display/K5/Kiuwan+Vulnerability+Types)" }, "explanation" : { "type" : "string", "example" : "Reflected XSS: user_input", "description" : "Defect explanation" }, "status" : { "type" : "string", "example" : "None", "description" : "Defect status", "enum" : [ "None", "To review", "Reviewed" ] }, "cweId" : { "type" : "integer", "format" : "int32", "example" : 79, "description" : "CWE identifier" }, "ruleCode" : { "type" : "string", "example" : "OPT.JAVA.SEC_JAVA.CrossSiteScriptingRule", "description" : "Rule code" }, "rule" : { "type" : "string", "example" : "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "description" : "Broken rule" }, "language" : { "type" : "string", "example" : "java", "description" : "Technology (List of supported technologies in https://www.kiuwan.com/docs/display/K5/Kiuwan+Supported+Technologies)" }, "characteristic" : { "type" : "string", "example" : "Security", "description" : "Characteristic", "enum" : [ "Efficiency", "Maintainability", "Portability", "Reliability", "Security" ] }, "priority" : { "type" : "string", "example" : "Very High", "description" : "Priority", "enum" : [ "Very Low", "Low", "Normal", "High", "Very High" ] }, "effort" : { "type" : "string", "example" : "30m", "description" : "Effort" }, "modelId" : { "type" : "integer", "format" : "int64", "example" : 6252, "description" : "Model identifier" }, "securityDetail" : { "description" : "Security detail", "$ref" : "#/definitions/VulnerabilityData" } }, "description" : "Response object for Defect Details" }, "DefectLineResponse" : { "type" : "object", "properties" : { "code" : { "type" : "string", "example" : "\\t\\t\\te.printStackTrace();", "description" : "Defect code" }, "line" : { "type" : "integer", "format" : "int32", "example" : 101, "description" : "Defect line" }, "muted" : { "type" : "boolean", "example" : true, "description" : "Indicates if the defect is muted" } }, "description" : "Response object for Defect Line" }, "DefectNoteResponse" : { "type" : "object", "properties" : { "date" : { "type" : "string", "example" : "2019/05/02 14:26", "description" : "Note date" }, "user" : { "type" : "string", "example" : "John Smith", "description" : "User name" }, "text" : { "type" : "string", "example" : "To review by security experts", "description" : "Note description" } }, "description" : "Response object for Defect Note" }, "DefectsDeltaDetailResponse" : { "type" : "object", "properties" : { "count" : { "type" : "integer", "format" : "int32", "example" : 3, "description" : "Number of defects in this response" }, "page" : { "type" : "integer", "format" : "int32", "example" : 1, "description" : "Page number" }, "Main analysis code" : { "type" : "string", "example" : "A-7e3-16e5b1aad2a", "description" : "Main analysis code" }, "Previous analysis code" : { "type" : "string", "example" : "A-7e3-16dc9e29131", "description" : "Previous analysis code" }, "New violated rules count" : { "type" : "integer", "format" : "int32", "example" : 1, "description" : "New violated rules count" }, "Removed violated rules count" : { "type" : "integer", "format" : "int32", "example" : 0, "description" : "Removed violated rules count" }, "New defects count" : { "type" : "integer", "format" : "int32", "example" : 3, "description" : "New defects count" }, "Removed defects count" : { "type" : "integer", "format" : "int32", "example" : 0, "description" : "Removed defects count" }, "New defects" : { "type" : "array", "description" : "New defects", "items" : { "$ref" : "#/definitions/DefectDetailResponse" } }, "Removed defects" : { "type" : "array", "description" : "Removed defects", "items" : { "$ref" : "#/definitions/DefectDetailResponse" } } }, "description" : "Response object for Defects Delta Detail" }, "DefectsDeltaResponse" : { "type" : "object", "properties" : { "Main analysis code" : { "type" : "string", "example" : "A-7e3-16e5b1aad2a", "description" : "Main analysis code" }, "Previous analysis code" : { "type" : "string", "example" : "A-7e3-16dc9e29131", "description" : "Previous analysis code" }, "New violated rules count" : { "type" : "integer", "format" : "int32", "example" : 1, "description" : "New violated rules count" }, "Removed violated rules count" : { "type" : "integer", "format" : "int32", "example" : 0, "description" : "Removed violated rules count" }, "New defects count" : { "type" : "integer", "format" : "int32", "example" : 3, "description" : "New defects count" }, "Removed defects count" : { "type" : "integer", "format" : "int32", "example" : 0, "description" : "Removed defects count" } }, "description" : "Response object for Defects Delta" }, "DefectsKeptInCommonDetailResponse" : { "type" : "object", "properties" : { "sinceAnalysisCode" : { "type" : "string", "example" : "A-7e3-16e5b1aad2a", "description" : "Since Analysis Code" }, "atAnalysisCode" : { "type" : "string", "example" : "A-7e3-16dc9e29131", "description" : "at analysis code" }, "sinceDate" : { "type" : "string", "example" : "2020-03-01T12:00:00Z", "description" : "Since Date" }, "ruleTags" : { "type" : "string", "example" : "PCI-DSS:6.5.1,cwe99", "description" : "With rules with tags" }, "securityOnly" : { "type" : "boolean", "example" : true, "description" : "Security Only rules" }, "totalDefects" : { "type" : "integer", "format" : "int64", "example" : 132, "description" : "Total Defects in Common" }, "count" : { "type" : "integer", "format" : "int32", "example" : 3, "description" : "Number of defects in this response" }, "page" : { "type" : "integer", "format" : "int32", "example" : 1, "description" : "Page number" }, "defects" : { "type" : "array", "description" : "defects", "items" : { "$ref" : "#/definitions/DefectDetailResponse" } } }, "description" : "Response object for Defects kept in common" }, "DeliveryDefectsData" : { "type" : "object", "properties" : { "newDefects" : { "type" : "integer", "format" : "int32", "example" : 3, "description" : "Number of new defects" }, "removedDefects" : { "type" : "integer", "format" : "int32", "example" : 0, "description" : "Number of removed defects" }, "defects" : { "type" : "integer", "format" : "int32", "example" : 582, "description" : "Total defects" } }, "description" : "Data object for Delivery Defects" }, "DeliveryFilesData" : { "type" : "object", "properties" : { "count" : { "type" : "integer", "format" : "int32", "example" : 132, "description" : "Files count" } }, "description" : "Data object for Delivery Files" }, "FileData" : { "type" : "object", "properties" : { "name" : { "type" : "string", "example" : "FileSystemRepository.java", "description" : "File name" }, "metrics_count" : { "type" : "integer", "format" : "int32", "example" : 17, "description" : "Metrics count" }, "metrics" : { "type" : "array", "description" : "File metrics", "items" : { "$ref" : "#/definitions/MetricValueData" } }, "defects_count" : { "type" : "integer", "format" : "int32", "example" : 5, "description" : "Number of defects in the file" }, "defects" : { "type" : "array", "description" : "Detail of defects in the file", "items" : { "$ref" : "#/definitions/DefectDetailResponse" } } }, "description" : "Data object for File" }, "FileWithDefectsResponse" : { "type" : "object", "properties" : { "file" : { "type" : "string", "example" : "src/main/java/com/myCompany/myApp/CSRFServlet.java", "description" : "File name" }, "defectsCount" : { "type" : "integer", "format" : "int64", "example" : 1, "description" : "Number of defects" }, "defects" : { "description" : "Link to the defects line", "$ref" : "#/definitions/HrefData" } }, "description" : "Response object for File with Defects" }, "FilterData" : { "type" : "object", "properties" : { "contains" : { "type" : "string", "example" : "custom.js", "description" : "Contains filter" }, "notContains" : { "type" : "string", "example" : "testFactory", "description" : "Not contains filter" }, "languages" : { "type" : "string", "example" : "java,javascript", "description" : "Languages filter, comma-separated list of languages to filter by (List of supported technologies in https://www.kiuwan.com/docs/display/K5/Kiuwan+Supported+Technologies)" }, "types" : { "type" : "string", "example" : "program,element,map,class", "description" : "Types filter, comma-separated list of types to filter by" }, "analyzed" : { "type" : "boolean", "example" : true, "description" : "Is analyzed filter", "enum" : [ true, false ] }, "fileName" : { "type" : "string", "example" : "custom.js", "description" : "File name filter" }, "tags" : { "type" : "string", "example" : "myTag1,myTag2", "description" : "Tags filter, Comma-separated list of tags to filter by" }, "groupTags" : { "type" : "array", "description" : "List of group tags filter", "items" : { "$ref" : "#/definitions/GroupTagData" } } }, "description" : "Data object for Filter" }, "FrameData" : { "type" : "object", "properties" : { "index" : { "type" : "integer", "format" : "int32", "example" : 0, "description" : "Frame index" }, "file" : { "type" : "string", "example" : "FileSystemRepository.java", "description" : "Frame file" }, "lineNumber" : { "type" : "integer", "format" : "int32", "example" : 32, "description" : "Line number" }, "lineText" : { "type" : "string", "example" : "\t\t\tString val = request.getParameter(item);", "description" : "Line text" }, "category" : { "type" : "string", "example" : "user_input", "description" : "Frame category" }, "resource" : { "type" : "string", "example" : "web", "description" : "Resource" }, "container" : { "type" : "string", "example" : "java.util.Map sanitizeNull(java.util.List,javax.servlet.http.HttpServletRequest)", "description" : "Container" }, "injectionPoint" : { "type" : "string", "description" : "InjectionPoint" }, "variableDeclaration" : { "type" : "string", "description" : "Variable declaration" } }, "description" : "Data object for Frame" }, "GlobalCounterResponse" : { "type" : "object", "properties" : { "name" : { "type" : "string", "example" : "analysis", "description" : "Global counter name" }, "value" : { "type" : "object", "example" : "3806.0", "description" : "Global counter value" } }, "description" : "Response object for Stats" }, "GroupTagData" : { "type" : "object", "properties" : { "name" : { "type" : "string", "example" : "Servlets", "description" : "Group tag name" }, "value" : { "type" : "string", "example" : "FileServlet", "description" : "Group tag value" } }, "description" : "Data object for Group Tag" }, "HrefData" : { "type" : "object", "properties" : { "href" : { "type" : "string", "example" : "https://api.kiuwan.com/audits/checkpoints/violatedrules/files/defects?application=myApp&deliveryCode=A-7e3-16e5b1aad2a&checkpoint=3452&ruleCode=OPT.JAVA.SEC_JAVA.CrossSiteScriptingRule&file=src%2Fmain%2Fjava%2Fcom%2FmyCompany%2FmyApp%2FCSRFServlet.java", "description" : "Defect link" } }, "description" : "Data object for Href" }, "InsightsComponentRestResponse" : { "type" : "object", "properties" : { "id" : { "type" : "integer", "format" : "int64", "example" : 178, "description" : "Component identifier" }, "artifact" : { "type" : "string", "example" : "org.springframework:spring-aop", "description" : "Artifact name" }, "version" : { "type" : "string", "example" : "3.2.13.RELEASE", "description" : "Artifact version" }, "filename" : { "type" : "string", "example" : "spring-aop-3.2.13.RELEASE.jar", "description" : "File name" }, "language" : { "type" : "string", "example" : "java", "description" : "Technology" }, "obsolescenceRisk" : { "type" : "string", "example" : "medium", "description" : "Component obsolescence risk (high, medium, low, none, unknown)", "enum" : [ "high", "medium", "low", "none", "unknown" ] }, "licenseRisk" : { "type" : "string", "example" : "unknown", "description" : "Component license risk (high, medium, low, none, unknown)", "enum" : [ "high", "medium", "low", "none", "unknown" ] }, "securityRisk" : { "type" : "string", "example" : "high", "description" : "Component security risk (high, medium, low, none, unknown)", "enum" : [ "high", "medium", "low", "none", "unknown" ] }, "custom" : { "type" : "boolean", "example" : true, "description" : "If the component is custom or not" }, "sources" : { "type" : "array", "description" : "Sources list", "items" : { "$ref" : "#/definitions/SourceRootSimpleRestData" } }, "vulnerabilities" : { "type" : "array", "description" : "Vulnerabilities list", "items" : { "$ref" : "#/definitions/VulnerabilityRestData" } } }, "description" : "Response object for Component details" }, "LicenseRestData" : { "type" : "object", "properties" : { "id" : { "type" : "integer", "format" : "int64", "example" : 23, "description" : "License identifier" }, "license" : { "type" : "string", "example" : "Apache License 2.0", "description" : "License name" }, "component" : { "type" : "string", "example" : "8", "description" : "Number of components with this license" }, "spdxCode" : { "type" : "string", "example" : "Apache-2.0", "description" : "SPDX code (Software Package Data Exchange)" }, "type" : { "type" : "string", "example" : "Permissive", "description" : "License type", "enum" : [ "Copyleft", "Copyrighted", "NonOpenSource", "Permissive", "Propietary", "PublicDomain", "Unknown", "WeakCopyleft" ] }, "url" : { "type" : "string", "example" : "https://spdx.org/licenses/Apache-2.0.html", "description" : "Link to license description" }, "risk" : { "type" : "string", "example" : "none", "description" : "License risk", "enum" : [ "High", "Medium", "Low", "None", "Unknown" ] }, "permissions" : { "type" : "string", "example" : "[\"COMMERCIAL\",\"MODIFY\",\"DISTRIBUTE\",\"SUBLICENSE\",\"PRIVATE\",\"USE_PATENT_CLAIMS\",\"PLACE_WARRANTY\"]", "description" : "License permissions" }, "limitations" : { "type" : "string", "example" : "[\"HOLD_LIABLE\",\"USE_TRADEMARK\"]", "description" : "License limitations" }, "conditions" : { "type" : "string", "example" : "[\"INCL_COPYRIGHT\",\"INCL_LICENSE\",\"STATE_CHANGES\",\"INCLUDE_NOTICE\"]", "description" : "License conditions" }, "components" : { "type" : "array", "description" : "List of components with this license", "items" : { "$ref" : "#/definitions/ComponentSimpleRestData" } } }, "description" : "Data object for License" }, "ListComponentsRequest" : { "type" : "object", "properties" : { "applicationName" : { "type" : "string", "example" : "myApp", "description" : "Application name" }, "analysisCode" : { "type" : "string", "example" : "A-7e3-16dc9e29131", "description" : "Analysis Code" }, "pagination" : { "description" : "Pagination", "$ref" : "#/definitions/PaginationData" }, "filter" : { "description" : "Filter", "$ref" : "#/definitions/FilterData" } }, "description" : "It is necessary to indicate the name of the application or the analysis code" }, "ListComponentsResponse" : { "type" : "object", "properties" : { "pagination" : { "description" : "Pagination", "$ref" : "#/definitions/PaginationData" }, "data" : { "type" : "array", "description" : "List of components", "items" : { "$ref" : "#/definitions/ComponentDetailResponse" } } }, "description" : "Response object for Components List" }, "ListInsightsComponentsResponse" : { "type" : "object", "properties" : { "data" : { "type" : "array", "description" : "Insights components detail list", "items" : { "$ref" : "#/definitions/InsightsComponentRestResponse" } } }, "description" : "Response object for Insights Components List" }, "ListLicensesResponse" : { "type" : "object", "properties" : { "data" : { "type" : "array", "description" : "Insights components license detail list", "items" : { "$ref" : "#/definitions/LicenseRestData" } } }, "description" : "Response object for Licenses List" }, "ListObsolescencesResponse" : { "type" : "object", "properties" : { "data" : { "type" : "array", "description" : "Insights components obsolescence detail list", "items" : { "$ref" : "#/definitions/ObsolescenceRestData" } } }, "description" : "Response object for Obsolescence List" }, "ListSecuritiesResponse" : { "type" : "object", "properties" : { "data" : { "type" : "array", "description" : "Insights vulnerabilities detail list", "items" : { "$ref" : "#/definitions/SecurityRestData" } } }, "description" : "Response object for Security List" }, "ListSpdxLicensesResponse" : { "type" : "object", "properties" : { "data" : { "type" : "array", "description" : "Insights spdx licenses list", "items" : { "$ref" : "#/definitions/SpdxLicenseData" } } }, "description" : "Response object for Spdx Licenses List" }, "MetadataArchitectureData" : { "type" : "object", "properties" : { "languages" : { "type" : "array", "description" : "Number of different languages", "items" : { "$ref" : "#/definitions/ValueCountData" } }, "types" : { "type" : "array", "description" : "Number of different types", "items" : { "$ref" : "#/definitions/ValueCountData" } }, "relations" : { "type" : "array", "description" : "Number of relations", "items" : { "$ref" : "#/definitions/ValueCountData" } }, "tags" : { "type" : "array", "example" : "tag1", "description" : "List of tags", "items" : { "type" : "string" } }, "groupTags" : { "type" : "object", "example" : "group1", "description" : "List of groups", "additionalProperties" : { "type" : "array", "items" : { "type" : "string" } } } }, "description" : "Data object for Architecture Metadata" }, "MetadataInsightsData" : { "type" : "object", "properties" : { "components" : { "type" : "integer", "format" : "int32", "example" : 29, "description" : "Number of components in current analysis" }, "vulnerabilities" : { "type" : "integer", "format" : "int32", "example" : 15, "description" : "Number of vulnerabilities in current analysis" }, "licenses" : { "type" : "integer", "format" : "int32", "example" : 8, "description" : "Number of different licenses in current analysis" }, "duplicates" : { "type" : "integer", "format" : "int32", "example" : 8, "description" : "Number of duplicated components in current analysis" }, "risks" : { "type" : "array", "description" : "Risk metadata for current analysis. Risk components by vulnerabilities, by licenses and obsolescence", "items" : { "$ref" : "#/definitions/MetadataInsightsRiskData" } } }, "description" : "Data object for Insights Metadata" }, "MetadataInsightsRiskData" : { "type" : "object", "properties" : { "name" : { "type" : "string", "description" : "Risk name. by vulnerabilities, by licenses and obsolescence" }, "risk" : { "type" : "object", "description" : "Map with number of components by severity", "additionalProperties" : { "type" : "integer", "format" : "int32" } } }, "description" : "Data object for Insights Risk Metadata" }, "MetricValueData" : { "type" : "object", "properties" : { "name" : { "type" : "string", "example" : "metric name", "description" : "Metric name" }, "value" : { "type" : "number", "format" : "double", "example" : 50.0, "description" : "Metric value" }, "size" : { "type" : "integer", "format" : "int32", "example" : 4013, "description" : "Metric size" }, "minRange" : { "type" : "number", "format" : "double", "example" : 1.0, "description" : "Metric minimun range" }, "maxRange" : { "type" : "number", "format" : "double", "example" : 1.0, "description" : "Metric maximum range" }, "index" : { "type" : "integer", "format" : "int32", "example" : 0, "description" : "Index" }, "color" : { "type" : "string", "example" : "red", "description" : "Metric color" } }, "description" : "Data object for Metric Value" }, "MutePatternResponse" : { "type" : "object", "properties" : { "reason" : { "type" : "string", "example" : "TOO_MANY_DEFECTS", "description" : "Reason" }, "comment" : { "type" : "string", "example" : "Created after review meeting", "description" : "Comment" }, "customerId" : { "type" : "integer", "format" : "int64", "example" : 12334, "description" : "Customer Id" }, "lineText" : { "type" : "string", "example" : " throw new NullPointerException();", "description" : "Line Text" }, "sourceLineText" : { "type" : "string", "description" : "Source Line Text" }, "lineNumber" : { "type" : "integer", "format" : "int32", "example" : 113, "description" : "Line Number" }, "lastActionDate" : { "type" : "string", "example" : "2021-10-1T15:15:15Z", "description" : "Last Action Date" }, "lastActionUserName" : { "type" : "string", "example" : "Administrator Site (sysadmin)", "description" : "Last Action User Name" }, "lastMuteAction" : { "type" : "string", "example" : "MUTEACTION_CREATE", "description" : "Last Mute Action", "enum" : [ "MUTEACTION_CREATE", "MUTEACTION_UPDATE", "MUTEACTION_DELETE", "MUTEACTION_DEACTIVATE" ] }, "fileName" : { "type" : "string", "example" : "path/to/file.java", "description" : "File name" }, "fileNamePatterns" : { "type" : "string", "example" : "extras/*", "description" : "File patterns" }, "ruleName" : { "type" : "string", "example" : "Avoid launching NullPointerExceptions", "description" : "Rule name" }, "ruleCode" : { "type" : "string", "example" : "OPT.JAVA.EXCP.AvoidThrowNullPointerExceptions", "description" : "Rule code" }, "active" : { "type" : "boolean", "example" : true, "description" : "Active" } }, "description" : "Response object for MutePattern" }, "NavigationFilterData" : { "type" : "object", "properties" : { "relations" : { "type" : "string", "example" : "contains,uses,update", "description" : "Comma separated list of component relations (calls, configuration, delete, includes, inherits...)" }, "direction" : { "type" : "string", "example" : "out", "description" : "Direction (in, out, any; default: out)", "enum" : [ "in", "out", "any" ] }, "depth" : { "type" : "integer", "format" : "int32", "example" : 2, "description" : "Depth" } }, "description" : "Data object for Navigation Filter" }, "ObsolescenceRestData" : { "type" : "object", "properties" : { "component" : { "type" : "string", "example" : "commons-logging:commons-logging", "description" : "Component name" }, "language" : { "type" : "string", "example" : "java", "description" : "Technology (List of supported technologies in https://www.kiuwan.com/docs/display/K5/Kiuwan+Supported+Technologies)" }, "usedVersion" : { "type" : "string", "example" : "1.1.3", "description" : "Component used version" }, "dateUsed" : { "type" : "string", "example" : "2013/05/16", "description" : "Component used version date" }, "lastVersion" : { "type" : "string", "example" : "1.2", "description" : "Component last version" }, "dateLast" : { "type" : "string", "example" : "2014/07/05", "description" : "Component last version date" }, "release" : { "type" : "string", "example" : "1", "description" : "Number of releases between used and last version" }, "outOfDate" : { "type" : "string", "example" : "1y 50d", "description" : "Number of days between used and last version" }, "timeInactivity" : { "type" : "string", "example" : "5y 194d", "description" : "Number of days from last version date" }, "obsolescenceRisk" : { "type" : "string", "example" : "3.33", "description" : "Component obsolescence risk number, between 0-10" }, "risk" : { "type" : "string", "example" : "Medium", "description" : "Component obsolescence risk (High, Medium, Low)", "enum" : [ "High", "Medium", "Low" ] }, "description" : { "type" : "string", "example" : "Commons Logging is a thin adapter allowing configurable bridging to other,\n well known logging systems.", "description" : "Component description" }, "custom" : { "type" : "boolean", "example" : true, "description" : "If the component is custom or not" } }, "description" : "Data object for Obsolescence" }, "PaginationData" : { "type" : "object", "properties" : { "page" : { "type" : "integer", "format" : "int32", "example" : 1, "description" : "Page number" }, "count" : { "type" : "integer", "format" : "int32", "example" : 500, "description" : "Number of components per page" }, "total" : { "type" : "integer", "format" : "int64", "example" : 5654, "description" : "Total Components" } }, "description" : "Data object for Pagination" }, "PortfolioData" : { "type" : "object", "properties" : { "portfolioName" : { "type" : "string", "example" : "country", "description" : "Portfolio name" }, "portfolioValue" : { "type" : "string", "example" : "spain", "description" : "Portfolio value" } }, "description" : "Data object for Portfolio" }, "PortfolioDefinitionData" : { "type" : "object", "required" : [ "name" ], "properties" : { "name" : { "type" : "string", "example" : "provider", "description" : "Portfolio name" }, "description" : { "type" : "string", "example" : "List of company providers", "description" : "Portfolio description" }, "isSystemPortfolio" : { "type" : "boolean", "example" : true, "description" : "Indicates if it is a system portfolio", "enum" : [ true, false ] }, "values" : { "type" : "array", "example" : "["Lab", "Factory"]", "description" : "Portfolio values", "items" : { "type" : "string" } } }, "description" : "Data object for Portfolio Definition" }, "PortfolioRoleData" : { "type" : "object", "properties" : { "type" : { "type" : "string", "example" : "CUSTOM", "description" : "Portfolio type (CUSTOM, SYSTEM)", "enum" : [ "CUSTOM", "SYSTEM" ] }, "portfolioName" : { "type" : "string", "example" : "Region", "description" : "Portfolio name" }, "portfolioValue" : { "type" : "string", "example" : "Asia", "description" : "Portfolio value" }, "roleName" : { "type" : "string", "example" : "Write", "description" : "Name of the role to assign" } }, "description" : "Data object for Portfolio Role" }, "PrivateVulnerabilityRestData" : { "type" : "object", "required" : [ "vulnerabilityCode" ], "properties" : { "vulnerabilityCode" : { "type" : "string", "example" : "CUSTOM-0001", "description" : "vulnerability Code" }, "cwe" : { "type" : "string", "example" : "CWE-20", "description" : "CWE reference (Common Weakness Enumeration Specification)" }, "description" : { "type" : "string", "example" : "Spring Framework (versions 5.0.x prior to 5.0.7, versions 4.3.x prior to 4.3.18, and older unsupported versions) allow web applications to change the HTTP request method to any HTTP method (including TRACE) using the HiddenHttpMethodFilter in Spring MVC. If an application has a pre-existing XSS vulnerability, a malicious user (or attacker) can use this filter to escalate to an XST (Cross Site Tracing) attack.", "description" : "Vulnerability description" }, "severity" : { "type" : "string", "example" : "Low", "description" : "Vulnerability severity (High, Medium, Low)", "enum" : [ "High", "Medium", "Low" ] }, "v2vectorString" : { "type" : "string", "example" : "AV:N/AC:M/Au:S/C:N/I:N/A:P", "description" : "CVSS V2 Vector" }, "v2accessVector" : { "type" : "string", "example" : "Local ", "description" : "V2 Access Vector (Local , Adjacent Network, Network )", "enum" : [ "Local", "Adjacent Network", "Network" ] }, "v2accessComplexty" : { "type" : "string", "example" : "Low", "description" : "V2 Access Complexty (High, Medium, Low)", "enum" : [ "High", "Medium", "Low" ] }, "v2authentication" : { "type" : "string", "example" : "None", "description" : "V2 Authentication (Multiple, Single, None)", "enum" : [ "Multiple", "Single", "None" ] }, "v2confidentialityImpact" : { "type" : "string", "example" : "None", "description" : "V2 Confidentiality Impact (None, Partial, Complete)", "enum" : [ "None", "Partial", "Complete" ] }, "v2integrityImpact" : { "type" : "string", "example" : "None", "description" : "V2 Integrity Impact(None, Partial, Complete)", "enum" : [ "None", "Partial", "Complete" ] }, "v2availabilityImpact" : { "type" : "string", "example" : "None", "description" : "V2 Availability Impact(None, Partial, Complete)", "enum" : [ "None", "Partial", "Complete" ] }, "v2baseScore" : { "type" : "number", "format" : "double", "example" : 4.6, "description" : "V2 Base Score " }, "v2exploitabilityScore" : { "type" : "number", "format" : "double", "example" : 8.5, "description" : "V2 Exploitability Score " }, "v2impactScore" : { "type" : "number", "format" : "double", "example" : 8.5, "description" : "V2 Impact Score " }, "v3vectorString" : { "type" : "string", "example" : "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "description" : "V3 Vector" }, "v3attackVector" : { "type" : "string", "example" : "Network", "description" : "V3 Attack Vector (Network, Adjacent, Local, Physical)", "enum" : [ "Network", "Adjacent", "Local", "Physical" ] }, "v3attackComplexity" : { "type" : "string", "example" : "Low", "description" : "V3 Attack Complexity (Low, High)", "enum" : [ "Low", "High" ] }, "v3privilegesRequired" : { "type" : "string", "example" : "Low", "description" : "V3 Privileges Required (None, Low, High)", "enum" : [ "None", "Low", "High" ] }, "v3userInteraction" : { "type" : "string", "example" : "None", "description" : "V3 User Interaction (None, Required , High)", "enum" : [ "None", "Required", "High" ] }, "v3scope" : { "type" : "string", "example" : "Unchanged", "description" : "V3 Scope (Unchanged , Changed)", "enum" : [ "Unchanged", "Changed" ] }, "v3confidentialityImpact" : { "type" : "string", "example" : "None", "description" : "V3 Confidentiality Impact (High, Low, None)", "enum" : [ "High", "Low", "None" ] }, "v3integrityImpact" : { "type" : "string", "example" : "None", "description" : "V3 Integrity Impact (High, Low, None)", "enum" : [ "High", "Low", "None" ] }, "v3availabilityImpact" : { "type" : "string", "example" : "None", "description" : "V3 Availability Impact (High, Low, None)", "enum" : [ "High", "Low", "None" ] }, "v3baseScore" : { "type" : "number", "format" : "double", "example" : 7.5, "description" : "V3 Base Score" }, "v3baseSeverity" : { "type" : "string", "example" : "Low", "description" : "V3 Base Severity (None, Low, Medium, High, Critical)", "enum" : [ "None", "Low", "Medium", "High", "Critical" ] }, "v3exploitabilityScore" : { "type" : "number", "format" : "double", "example" : 3.9, "description" : "V3 Exploitability Score" }, "v3impactScore" : { "type" : "number", "format" : "double", "example" : 3.6, "description" : "V3 Impact Score" }, "vulnerableArtifactVersions" : { "type" : "array", "description" : "Vulnerable artifacts and versions", "items" : { "$ref" : "#/definitions/VulnerableArtifactVersionsData" } } }, "description" : "Data object for Private Vulnerability" }, "ProviderPortfolioRoleData" : { "type" : "object", "properties" : { "type" : { "type" : "string", "example" : "SYSTEM", "description" : "Portfolio type", "enum" : [ "SYSTEM" ] }, "portfolioValue" : { "type" : "string", "example" : "Provider1", "description" : "Portfolio value" }, "roleName" : { "type" : "string", "example" : "Write", "description" : "Name of the role to assign" } }, "description" : "Data object for Provider Portfolio and Role to assign" }, "RelationRestData" : { "type" : "object", "properties" : { "source" : { "type" : "integer", "format" : "int64", "example" : 5473, "description" : "Source" }, "target" : { "type" : "integer", "format" : "int64", "example" : 5468, "description" : "Target" }, "type" : { "type" : "string", "example" : "uses", "description" : "Relation type" } }, "description" : "Data object for Relation" }, "ResultData" : { "type" : "object", "properties" : { "result" : { "type" : "string", "example" : "OK", "description" : "Operation result" } }, "description" : "Data object for Result" }, "RuleDocumentationResponse" : { "type" : "object", "properties" : { "description" : { "type" : "string", "example" : "Software places user-controlled input in page content. An attacker could inject browser script code that is executed\nin the client browser. The end-user is the attacked subject, and the software is the vehicle for the attack.\nThere are two main kinds of XSS:\n\n* Reflected XSS: Attacker causes victim to supply malicious content to a vulnerable web application, which\n renders HTML content embedding a malicious script executed in victim's browser. A variation of this is named\n DOM-based XSS, where the vulnerable software does not generate content depending on user input but include\n script code that use user-controlled input.\n\n* Persisted XSS: Attacker provides malicious content to vulnerable application. When other user access to\n vulnerable pages that embed without proper neutralization the attacker content, script code is executed in the\n victim's browser.\n\nThe script executed in the victim's browser could perform malicious activities.\n\nMany browsers could limit the damage via security restrictions (e.g. 'same origin policy'), but user browsers\ngenerally allow scripting languages (e.g. JavaScript) in their browsers (disabling JavaScript severely limits\na web site).", "description" : "Rule description" }, "name" : { "type" : "string", "example" : "Do not use variables as parameters for messages", "description" : "Rule name" }, "code" : { "type" : "string", "example" : "OPT.JAVA.SEC_JAVA.CrossSiteScriptingRule", "description" : "Rule code" }, "references" : { "type" : "string", "example" : "http://cwe.mitre.org/data/definitions/79.html,https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet,https://www.google.es/about/appsecurity/learning/xss/,https://www.securecoding.cert.org/confluence/display/java/IDS51-J.+Properly+encode+or+escape+output", "description" : "Comma separated list of rule references" }, "benefits" : { "type" : "string", "description" : "Rule benefits" }, "drawbacks" : { "type" : "string", "description" : "Rule drawbacks" }, "violationCode" : { "type" : "string", "example" : "import javax.servlet.http.HttpServletRequest;\nimport javax.servlet.http.HttpServletResponse;\nimport java.io.IOException;\nimport java.io.PrintWriter;\n\npublic class CrossSiteScriptingCode {\n public void directXSS(HttpServletRequest req, HttpServletResponse res) throws IOException {\n PrintWriter w = res.getWriter();\n w.println( req.getParameter(\\\"input\\\") ); // VIOLATION\n }\n}", "description" : "Violation code example" }, "fixedCode" : { "type" : "string", "example" : "import javax.servlet.http.HttpServletRequest;\nimport javax.servlet.http.HttpServletResponse;\nimport java.io.IOException;\nimport java.io.PrintWriter;\nimport org.owasp.html.*;\n\npublic class CrossSiteScriptingCode {\n public void directXSS(HttpServletRequest req, HttpServletResponse res) throws IOException {\n PrintWriter w = res.getWriter();\n // OWASP Java HTML Sanitizer (upgrade to r88 or later)\n // Use your own security library if needed\n PolicyFactory policy = Sanitizers.FORMATTING.and(Sanitizers.LINKS);\n String safeHTML = policy.sanitize( req.getParameter(\\\"input\\\") );\n w.println(safeHTML); // OK\n }\n}", "description" : "Fixed code example" }, "tags" : { "type" : "array", "example" : "["CWEScope:Access-Control","CWEScope:Availability","CWEScope:Confidentiality","CWEScope:Integrity","essential"]", "description" : "Rule tags list", "items" : { "type" : "string" } }, "normatives" : { "type" : "array", "example" : "["CERT-J:IDS51-J","CWE:79","OWASP:2013:A3","OWASP:2017:A7","OWASP-M:2014:M7","PCI-DSS:6.5.7","SANS25:2010:1","SANS25:2011:4","WASC:08"]", "description" : "Rule normatives list", "items" : { "type" : "string" } } }, "description" : "Response object for RuleDocumentation" }, "SearchImpactResponse" : { "type" : "object", "properties" : { "pagination" : { "description" : "Pagination", "$ref" : "#/definitions/PaginationData" }, "data" : { "type" : "array", "description" : "List of components", "items" : { "$ref" : "#/definitions/ComponentDetailResponse" } }, "analysisImpactCode" : { "type" : "string", "example" : "0143dde8-3d81-44ac-ab77-fb5132c0f3b0", "description" : "Analysis impact code" } }, "description" : "Response object for Search Impact" }, "SearchSourcesImpactRequest" : { "type" : "object", "required" : [ "pagination" ], "properties" : { "applicationName" : { "type" : "string", "example" : "myApp", "description" : "Application name" }, "analysisCode" : { "type" : "string", "example" : "A-7e3-16dc9e29131", "description" : "Analysis code" }, "analysisImpactCode" : { "type" : "string", "example" : "0143dde8-3d81-44ac-ab77-fb5132c0f3b0", "description" : "Analysis impact code" }, "sourceFilter" : { "description" : "Source Filter", "$ref" : "#/definitions/FilterData" }, "sourceIds" : { "type" : "array", "description" : "Source identifiers", "items" : { "type" : "integer", "format" : "int64" } }, "targetId" : { "type" : "integer", "format" : "int64", "example" : 41144504, "description" : "Target identificator" }, "navigationFilter" : { "description" : "Navigation filter", "$ref" : "#/definitions/NavigationFilterData" }, "pagination" : { "description" : "Pagination", "$ref" : "#/definitions/PaginationData" } }, "description" : "It is mandatory at least one of the following parameters, application name, analysis code or analysis impact code. If you have already indicated the analysis impact code, the navigation filter is not necessary, in other cases it is. Indicating the pagination filter is necessary in any case." }, "SearchTargetsImpactRequest" : { "type" : "object", "required" : [ "pagination" ], "properties" : { "applicationName" : { "type" : "string", "example" : "myApp", "description" : "Application name" }, "analysisCode" : { "type" : "string", "example" : "A-7e3-16dc9e29131", "description" : "Analysis code" }, "analysisImpactCode" : { "type" : "string", "example" : "0143dde8-3d81-44ac-ab77-fb5132c0f3b0", "description" : "Analysis impact code" }, "sourceFilter" : { "description" : "Source filter", "$ref" : "#/definitions/FilterData" }, "targetFilter" : { "description" : "Target filter", "$ref" : "#/definitions/FilterData" }, "sourceIds" : { "type" : "array", "description" : "Source identificators", "items" : { "type" : "integer", "format" : "int64" } }, "targetIds" : { "type" : "array", "description" : "Target identificators", "items" : { "type" : "integer", "format" : "int64" } }, "navigationFilter" : { "description" : "Navigation filter", "$ref" : "#/definitions/NavigationFilterData" }, "pagination" : { "description" : "Pagination", "$ref" : "#/definitions/PaginationData" } }, "description" : "It is mandatory at least one of the following parameters, application name, analysis code or analysis impact code. If you have already indicated the analysis impact code, the navigation filter is not necessary, in other cases it is. Indicating the pagination filter is necessary in any case." }, "SecurityRestData" : { "type" : "object", "properties" : { "id" : { "type" : "integer", "format" : "int64", "example" : 86896, "description" : "Vulnerability identifier" }, "cve" : { "type" : "string", "example" : "CVE-2016-5007", "description" : "CVE reference (Common Vulnerabilities and Exposures)" }, "cwe" : { "type" : "string", "example" : "CWE-264", "description" : "CWE reference (Common Weakness Enumeration Specification)" }, "muted" : { "type" : "boolean", "example" : true, "description" : "If is muted or not" }, "lastModified" : { "type" : "string", "example" : "2017/05/25 19:29", "description" : "Last modified date" }, "exploitabilitySubscore" : { "type" : "string", "example" : "10", "description" : "Vulnerability exploitable sub-score" }, "impactSubscore" : { "type" : "string", "example" : "2.9", "description" : "Vulnerability impact sub-score" }, "getcVSSv2BaseScore" : { "type" : "string", "example" : "5", "description" : "Vulnerability CVSS v2 base score" }, "getcVSSv3BaseScore" : { "type" : "string", "example" : "5", "description" : "Vulnerability CVSS v3 base score" }, "securityRisk" : { "type" : "string", "example" : "MEDIUM", "description" : "Component security risk (high, medium, low, none, unknown)" }, "description" : { "type" : "string", "example" : "Both Spring Security 3.2.x, 4.0.x, 4.1.0 and the Spring Framework 3.2.x, 4.0.x, 4.1.x, 4.2.x rely on URL pattern mappings for authorization and for mapping requests to controllers respectively. Differences in the strictness of the pattern matching mechanisms, for example with regards to space trimming in path segments, can lead Spring Security to not recognize certain paths as not protected that are in fact mapped to Spring MVC controllers that should be protected. The problem is compounded by the fact that the Spring Framework provides richer features with regards to pattern matching as well as by the fact that pattern matching in each Spring Security and the Spring Framework can easily be customized creating additional differences.", "description" : "Vulnerability description" }, "privateVulnerability" : { "type" : "boolean", "example" : true, "description" : "If is private vulnerability or not" }, "components" : { "type" : "array", "description" : "Components list affected by this vulnerability", "items" : { "$ref" : "#/definitions/ComponentSimpleRestData" } } }, "description" : "Data object for Security" }, "SoftwareArtifactData" : { "type" : "object", "required" : [ "artifact", "language", "version" ], "properties" : { "group" : { "type" : "string", "example" : "org.springframework", "description" : "Artifact Group" }, "artifact" : { "type" : "string", "example" : "spring-aop", "description" : "Artifact name" }, "language" : { "type" : "string", "example" : "java", "description" : "Artifact Language" }, "version" : { "type" : "string", "example" : "3.2.13.RELEASE", "description" : "Artifact version" } }, "description" : "Data object for Software Artifact" }, "SoftwareArtifactLicenseData" : { "type" : "object", "required" : [ "artifact", "language", "spdxid", "version" ], "properties" : { "group" : { "type" : "string", "example" : "org.springframework", "description" : "Artifact Group" }, "artifact" : { "type" : "string", "example" : "spring-aop", "description" : "Artifact name" }, "language" : { "type" : "string", "example" : "java", "description" : "Artifact Language" }, "version" : { "type" : "string", "example" : "3.2.13.RELEASE", "description" : "Artifact version" }, "spdxid" : { "type" : "string", "example" : "Apache-2.0", "description" : "Spdx id" } }, "description" : "Data object for Software Artifact License" }, "SourceChildSimpleRestData" : { "type" : "object", "properties" : { "repository" : { "type" : "string", "example" : "MAVEN", "description" : "Repository name" }, "artifact" : { "type" : "string", "example" : "org.springframework:spring-aop", "description" : "Source artifact name" }, "version" : { "type" : "string", "example" : "3.2.13.RELEASE", "description" : "Source version" }, "child" : { "type" : "array", "description" : "Source childs list", "items" : { "$ref" : "#/definitions/SourceChildSimpleRestData" } } }, "description" : "Data object for Source Child" }, "SourceRootSimpleRestData" : { "type" : "object", "properties" : { "path" : { "type" : "string", "example" : "pom.xml", "description" : "Source path" }, "artifact" : { "type" : "string", "example" : "org.springframework:spring-context", "description" : "Source artifact name" }, "version" : { "type" : "string", "example" : "3.2.13.RELEASE", "description" : "Source version" }, "child" : { "type" : "array", "description" : "Source childs list", "items" : { "$ref" : "#/definitions/SourceChildSimpleRestData" } } }, "description" : "Data object for Source Root" }, "SpdxLicenseData" : { "type" : "object", "properties" : { "spdxid" : { "type" : "string", "example" : "Apache-2.0", "description" : "SPDX code (Software Package Data Exchange)" }, "details" : { "type" : "string", "example" : "https://spdx.org/licenses/Apache-2.0.html", "description" : "License details or link to license description" }, "name" : { "type" : "string", "example" : "Apache License 2.0", "description" : "License name" } }, "description" : "Data object for Spdx License" }, "SubGraphImpactRequest" : { "type" : "object", "required" : [ "navigationFilter", "sourceId", "targetId" ], "properties" : { "applicationName" : { "type" : "string", "example" : "myApp", "description" : "Application name" }, "analysisCode" : { "type" : "string", "example" : "A-7e3-16dc9e29131", "description" : "Analysis code" }, "sourceId" : { "type" : "integer", "format" : "int64", "example" : 5463, "description" : "Source identifier" }, "targetId" : { "type" : "integer", "format" : "int64", "example" : 5467, "description" : "Target identifier" }, "navigationFilter" : { "description" : "Navigation filter", "$ref" : "#/definitions/NavigationFilterData" } }, "description" : "It is necessary to indicate the name of the application or the analysis code, as well as the source and the target identifier" }, "SubGraphImpactResponse" : { "type" : "object", "properties" : { "components" : { "type" : "array", "description" : "List of components", "items" : { "$ref" : "#/definitions/ComponentDetailResponse" } }, "relations" : { "type" : "array", "description" : "List of relations", "items" : { "$ref" : "#/definitions/RelationRestData" } } }, "description" : "Response object for Sub Graph Impact" }, "UnparsedFileData" : { "type" : "object", "properties" : { "file" : { "type" : "string", "example" : "FileSystemSQL.java", "description" : "Unparsed file name" }, "cause" : { "type" : "string", "example" : "com.als.core.parser.ParseException: Cannot parse FileSystemSQL.java, due to: com.als.parsers.plsql.ParseException: Parse error at line 18, column 1. Encountered: ALTER", "description" : "Cause" } }, "description" : "Data object for Unparsed File" }, "UpdateCustomComponentRestData" : { "type" : "object", "required" : [ "artifact", "language", "version" ], "properties" : { "group" : { "type" : "string", "example" : "org.springframework", "description" : "Artifact Group" }, "artifact" : { "type" : "string", "example" : "spring-aop", "description" : "Artifact name" }, "version" : { "type" : "string", "example" : "3.2.13.RELEASE", "description" : "Artifact version" }, "language" : { "type" : "string", "example" : "java", "description" : "Artifact Technology" }, "description" : { "type" : "string", "example" : "This artifact define the spring-aop", "description" : "Component description" }, "date" : { "type" : "string", "example" : "2019-08-03T10:15:30Z", "description" : "Component date" }, "custom" : { "type" : "boolean", "example" : false, "description" : "Confirm that current component is custom (true value) or may be public (false value)" }, "showPublicVulnerabilities" : { "type" : "boolean", "example" : false, "description" : "When custom is true if you want show public vulnerabilities found by Kiuwan" }, "showPublicLicenses" : { "type" : "boolean", "example" : false, "description" : "If you want show licenses found by Kiuwan" } }, "description" : "Data object for Custom Component to Update" }, "UserApplicationRoleResponse" : { "type" : "object", "properties" : { "username" : { "type" : "string", "example" : "username", "description" : "User name" }, "roleName" : { "type" : "string", "example" : "None", "description" : "Role name" }, "override" : { "type" : "boolean", "example" : true, "description" : "Indicates if override the configuration or not", "enum" : [ true, false ] } }, "description" : "Response object for Application and assigned User Role" }, "UserAppsPermissionsResponse" : { "type" : "object", "properties" : { "username" : { "type" : "string", "example" : "john.smith@myCompany.com", "description" : "User name" }, "email" : { "type" : "string", "example" : "john.smith@myCompany.com", "description" : "User email" }, "firstName" : { "type" : "string", "example" : "John", "description" : "User first name" }, "lastName" : { "type" : "string", "example" : "Smith", "description" : "User last name" }, "managementFeatures" : { "type" : "array", "example" : "["MANAGE_APPLICATIONS","MANAGE_MODELS"]", "description" : "Management features. Allowed values are { MANAGE_APPLICATIONS | MANAGE_ALL_USERS | MANAGE_MODELS }", "items" : { "type" : "string" } }, "enabled" : { "type" : "boolean", "example" : true, "description" : "Indicates if the user is enabled or not" }, "supportEnabled" : { "type" : "boolean", "example" : true, "description" : "Indicates if the user has the support enabled" }, "overrideUserGroup" : { "type" : "boolean", "example" : true, "description" : "Indicates if the user override group permissions" }, "manageApplications" : { "type" : "boolean", "example" : true, "description" : "Indicates if the user has permissions to manage applications" }, "manageUsers" : { "type" : "boolean", "example" : true, "description" : "Indicates if the user has permissions to manage users" }, "manageModels" : { "type" : "boolean", "example" : true, "description" : "Indicates if the user has permissions to manage models" }, "manageAudits" : { "type" : "boolean", "example" : true, "description" : "Indicates if the user has permissions to manage audits" }, "manageReports" : { "type" : "boolean", "example" : true, "description" : "Indicates if the user has permissions to manage reports" }, "applicationPermissionsData" : { "type" : "array", "description" : "List of applicaction names and their permissions for this user", "items" : { "$ref" : "#/definitions/ApplicationPermissionsData" } } }, "description" : "Response object for Application and assigned User Permissions" }, "UserDetailResponse" : { "type" : "object", "properties" : { "username" : { "type" : "string", "example" : "john.smith@myCompany.com", "description" : "User name" }, "firstName" : { "type" : "string", "example" : "John", "description" : "User first name" }, "lastName" : { "type" : "string", "example" : "Smith", "description" : "User last name" }, "enabled" : { "type" : "boolean", "example" : true, "description" : "Indicates if the user is enabled or not" }, "email" : { "type" : "string", "example" : "john.smith@myCompany.com", "description" : "User email" }, "isOwner" : { "type" : "boolean", "example" : false, "description" : "Indicates if the user is the account owner" }, "enableLoginWithPassword" : { "type" : "boolean", "example" : true, "description" : "Indicates if the user has enable login with password" } }, "description" : "Response object for User Details" }, "UserGroupRequest" : { "type" : "object", "required" : [ "name" ], "properties" : { "name" : { "type" : "string", "example" : "CMSDevelopers", "description" : "User group name" }, "newName" : { "type" : "string", "example" : "CMS_Developers", "description" : "User group new name" }, "users" : { "type" : "array", "example" : "john.smith@myCompany.com, kelly.smith@myCompany.com", "description" : "Group users list", "items" : { "type" : "string" } }, "accessControlConfiguration" : { "description" : "User access control configuration details", "$ref" : "#/definitions/AccessControlConfigurationData" } }, "description" : "Request object for User Group" }, "UserGroupResponse" : { "type" : "object", "properties" : { "name" : { "type" : "string", "example" : "CMSDevelopers", "description" : "User group name" }, "users" : { "type" : "array", "example" : "john.smith@myCompany.com, kelly.smith@myCompany.com", "description" : "Group users list", "items" : { "type" : "string" } } }, "description" : "Response object for User Group" }, "UserInformationResponse" : { "type" : "object", "properties" : { "username" : { "type" : "string", "example" : "John Smith", "description" : "User name" }, "organization" : { "type" : "string", "example" : "MyCompany", "description" : "Organization name" }, "engineVersion" : { "type" : "string", "example" : "master.p571.q11669.a1875.i539", "description" : "Current (or frozen) engine version" }, "engineFrozen" : { "type" : "boolean", "description" : "Whether the engine version is frozen or not" } }, "description" : "Response object for User Information" }, "UserManagementRequest" : { "type" : "object", "required" : [ "email", "enabled", "firstName", "lastName", "username" ], "properties" : { "username" : { "type" : "string", "example" : "john.smith@myCompany.com", "description" : "User name" }, "firstName" : { "type" : "string", "example" : "John", "description" : "User first name" }, "lastName" : { "type" : "string", "example" : "Smith", "description" : "User last name" }, "enabled" : { "type" : "boolean", "example" : true, "description" : "Indicates if the user is enabled", "enum" : [ true, false ] }, "email" : { "type" : "string", "example" : "john.smith@myCompany.com", "description" : "User email" }, "generatePassword" : { "type" : "boolean", "example" : true, "description" : "True to generate a random password", "enum" : [ true, false ] }, "regeneratePassword" : { "type" : "boolean", "example" : false, "description" : "True to regenerate the user password", "enum" : [ true, false ] }, "enableLoginWithPassword" : { "type" : "boolean", "example" : true, "description" : "Indicates if the user has enable login with password", "enum" : [ true, false ] }, "accessControlConfiguration" : { "description" : "User access control configuration details", "$ref" : "#/definitions/AccessControlConfigurationData" } }, "description" : "Request object for User Management" }, "UserPortfolioRoleData" : { "type" : "object", "properties" : { "type" : { "type" : "string", "example" : "CUSTOM", "description" : "Portfolio type (CUSTOM, SYSTEM)", "enum" : [ "CUSTOM", "SYSTEM" ] }, "username" : { "type" : "string", "example" : "username", "description" : "User name" }, "portfolioValue" : { "type" : "string", "example" : "Asia", "description" : "Portfolio value" }, "roleName" : { "type" : "string", "example" : "Write", "description" : "Name of the role" } }, "description" : "Data object for Portfolio and User Role assigned" }, "ValueCountData" : { "type" : "object", "properties" : { "value" : { "type" : "string", "example" : "java", "description" : "Name of property (language, type, relation)" }, "count" : { "type" : "integer", "format" : "int64", "example" : 22, "description" : "Number of elements with same property" } }, "description" : "Data object for Value Count" }, "ViolatedRuleResponse" : { "type" : "object", "properties" : { "ruleCode" : { "type" : "string", "example" : "OPT.JAVA.SEC_JAVA.CrossSiteScriptingRule", "description" : "Rule code" }, "modelId" : { "type" : "integer", "format" : "int64", "example" : 6252, "description" : "Model identifier" }, "defectsCount" : { "type" : "integer", "format" : "int64", "example" : 72, "description" : "Number of defects" }, "suppressedDefectsCount" : { "type" : "integer", "format" : "int64", "example" : 0, "description" : "Number of suppressed defects" }, "filesCount" : { "type" : "integer", "format" : "int64", "example" : 11, "description" : "Number of files" }, "effort" : { "type" : "string", "example" : "36h 00", "description" : "Rule effort" }, "characteristic" : { "type" : "string", "example" : "Security", "description" : "CQM characteristic", "enum" : [ "Efficiency", "Maintainability", "Portability", "Reliability", "Security" ] }, "vulnerabilityType" : { "type" : "string", "example" : "Injection", "description" : "Vulnerability type (More info in https://www.kiuwan.com/docs/display/K5/Kiuwan+Vulnerability+Types)" }, "tags" : { "type" : "array", "example" : "[CERT-J:IDS51-J,CWE:79,CWEScope:Access-Control,CWEScope:Availability,CWEScope:Confidentiality,CWEScope:Integrity,essential,OWASP:2013:A3,OWASP:2017:A7,OWASP-M:2014:M7,PCI-DSS:6.5.7,SANS25:2010:1,SANS25:2011:4,WASC:08]", "description" : "Tags list", "items" : { "type" : "string" } }, "priority" : { "type" : "string", "example" : "Very High", "description" : "CQM priority", "enum" : [ "Very Low", "Low", "Normal", "High", "Very High" ] }, "language" : { "type" : "string", "example" : "Java", "description" : "CQM technology (List of supported technologies in https://www.kiuwan.com/docs/display/K5/Kiuwan+Supported+Technologies)" }, "files" : { "example" : "http://kiuwan.com/saas/rest/v1/violatedrules/files?application=myApp&analysisCode=A-7e3-16dc9e29131&ruleCode=OPT.JAVA.SEC_JAVA.CrossSiteScriptingRule", "description" : "Link to files", "$ref" : "#/definitions/HrefData" } }, "description" : "Response object for Violated Rule" }, "VulnerabilityData" : { "type" : "object", "properties" : { "cweId" : { "type" : "integer", "format" : "int32", "example" : 79, "description" : "CWE identifier" }, "category" : { "type" : "string", "example" : "xss", "description" : "Sink category" }, "resource" : { "type" : "string", "example" : "web", "description" : "Resource" }, "container" : { "type" : "string", "example" : "executeQuery(java.lang.String,javax.servlet.ServletContext,javax.servlet.http.HttpServletRequest,javax.servlet.http.HttpServletResponse)", "description" : "Container" }, "injectionPoint" : { "type" : "string", "description" : "InjectionPoint" }, "variableDeclaration" : { "type" : "string", "example" : "String sql", "description" : "Variable declaration" }, "sourceFile" : { "type" : "string", "example" : "FileSystemRepository.java", "description" : "Source file" }, "sourceLine" : { "type" : "integer", "format" : "int32", "example" : 70, "description" : "Source line" }, "sourceCode" : { "type" : "string", "example" : "\t\t\tString val = request.getParameter(item);", "description" : "Source code" }, "sourceCategory" : { "type" : "string", "example" : "user_input", "description" : "Source category" }, "sourceResource" : { "type" : "string", "example" : "web", "description" : "Source resource" }, "sourceContainer" : { "type" : "string", "example" : "java.util.Map sanitizeNull(java.util.List,javax.servlet.http.HttpServletRequest)", "description" : "Source container" }, "sourceInjectionPoint" : { "type" : "string", "description" : "Source injection point" }, "frames" : { "type" : "array", "description" : "Vulnerability frames", "items" : { "$ref" : "#/definitions/FrameData" } }, "datapaths" : { "type" : "array", "description" : "Vulnerability datapaths", "items" : { "$ref" : "#/definitions/DatapathData" } } }, "description" : "Data object for Vulnerability" }, "VulnerabilityRestData" : { "type" : "object", "properties" : { "id" : { "type" : "integer", "format" : "int64", "example" : 108742, "description" : "Vulnerability identifier" }, "cve" : { "type" : "string", "example" : "CVE-2018-11039", "description" : "CVE reference (Common Vulnerabilities and Exposures)" }, "cwe" : { "type" : "string", "example" : "CWE-20", "description" : "CWE reference (Common Weakness Enumeration Specification)" }, "description" : { "type" : "string", "example" : "Spring Framework (versions 5.0.x prior to 5.0.7, versions 4.3.x prior to 4.3.18, and older unsupported versions) allow web applications to change the HTTP request method to any HTTP method (including TRACE) using the HiddenHttpMethodFilter in Spring MVC. If an application has a pre-existing XSS vulnerability, a malicious user (or attacker) can use this filter to escalate to an XST (Cross Site Tracing) attack.", "description" : "Vulnerability description" }, "severity" : { "type" : "string", "example" : "Low", "description" : "Vulnerability severity (High, Medium, Low)", "enum" : [ "High", "Medium", "Low" ] }, "privateVulnerability" : { "type" : "boolean", "example" : true, "description" : "If is private vulnerability or not" } }, "description" : "Data object for Insight Vulnerability" }, "VulnerableArtifactVersionsData" : { "type" : "object", "required" : [ "affectedVersions", "artifact", "language" ], "properties" : { "group" : { "type" : "string", "example" : "org.springframework", "description" : "Artifact Group" }, "artifact" : { "type" : "string", "example" : "spring-aop", "description" : "Artifact name" }, "language" : { "type" : "string", "example" : "java", "description" : "Artifact Language" }, "affectedVersions" : { "type" : "array", "description" : "Affected versions", "items" : { "$ref" : "#/definitions/AffectedVersionsData" } } }, "description" : "Data object for Vulnerable Artifact Versions" } }, "externalDocs" : { "description" : "Kiuwan online documentation", "url" : "https://www.kiuwan.com/docs/display/K5/REST+API" } }